mintplex-labs/anything-llm is affected by an uncontrolled resource consumption vulnerability in its upload file endpoint, leading to a denial of service (DOS) condition. Specifically, the server can be shut down by sending an invalid upload request. An attacker with the ability to upload documents....
6.5CVSS
0.0004EPSS
mintplex-labs/anything-llm is affected by an uncontrolled resource consumption vulnerability in its upload file endpoint, leading to a denial of service (DOS) condition. Specifically, the server can be shut down by sending an invalid upload request. An attacker with the ability to upload documents....
6.5CVSS
7AI Score
0.0004EPSS
A path traversal and arbitrary file upload vulnerability exists in the parisneo/lollms-webui application, specifically within the @router.get("/switch_personal_path") endpoint in ./lollms-webui/lollms_core/lollms/server/endpoints/lollms_user.py. The vulnerability arises due to insufficient...
9.4CVSS
7.8AI Score
0.0004EPSS
A path traversal and arbitrary file upload vulnerability exists in the parisneo/lollms-webui application, specifically within the @router.get("/switch_personal_path") endpoint in ./lollms-webui/lollms_core/lollms/server/endpoints/lollms_user.py. The vulnerability arises due to insufficient...
9.4CVSS
0.0004EPSS
A path traversal and arbitrary file upload vulnerability exists in the parisneo/lollms-webui application, specifically within the @router.get("/switch_personal_path") endpoint in ./lollms-webui/lollms_core/lollms/server/endpoints/lollms_user.py. The vulnerability arises due to insufficient...
9.4CVSS
7.5AI Score
0.0004EPSS
A Cross-Site Request Forgery (CSRF) vulnerability exists in the profile picture upload functionality of the Lollms application, specifically in the parisneo/lollms-webui repository, affecting versions up to 7.3.0. This vulnerability allows attackers to change a victim's profile picture without...
8.3CVSS
0.0004EPSS
A Cross-Site Request Forgery (CSRF) vulnerability exists in the profile picture upload functionality of the Lollms application, specifically in the parisneo/lollms-webui repository, affecting versions up to 7.3.0. This vulnerability allows attackers to change a victim's profile picture without...
8.3CVSS
6.4AI Score
0.0004EPSS
A Cross-Site Request Forgery (CSRF) vulnerability exists in the profile picture upload functionality of the Lollms application, specifically in the parisneo/lollms-webui repository, affecting versions up to 7.3.0. This vulnerability allows attackers to change a victim's profile picture without...
8.3CVSS
6.6AI Score
0.0004EPSS
The file upload feature in OTRS and ((OTRS)) Community Edition has a path traversal vulnerability. This issue permits authenticated agents or customer users to upload potentially harmful files to directories accessible by the web server, potentially leading to the execution of local code like Perl....
6.3CVSS
0.0004EPSS
The file upload feature in OTRS and ((OTRS)) Community Edition has a path traversal vulnerability. This issue permits authenticated agents or customer users to upload potentially harmful files to directories accessible by the web server, potentially leading to the execution of local code like Perl....
6.3CVSS
7.2AI Score
0.0004EPSS
CVE-2024-5278 Unrestricted File Upload leading to RCE in gaizhenbiao/chuanhuchatgpt
gaizhenbiao/chuanhuchatgpt is vulnerable to an unrestricted file upload vulnerability due to insufficient validation of uploaded file types in its /upload endpoint. Specifically, the handle_file_upload function does not sanitize or validate the file extension or content type of uploaded files,...
6.5CVSS
6.9AI Score
0.0004EPSS
CVE-2024-5278 Unrestricted File Upload leading to RCE in gaizhenbiao/chuanhuchatgpt
gaizhenbiao/chuanhuchatgpt is vulnerable to an unrestricted file upload vulnerability due to insufficient validation of uploaded file types in its /upload endpoint. Specifically, the handle_file_upload function does not sanitize or validate the file extension or content type of uploaded files,...
6.5CVSS
0.0004EPSS
CVE-2024-3149 SSRF in mintplex-labs/anything-llm
A Server-Side Request Forgery (SSRF) vulnerability exists in the upload link feature of mintplex-labs/anything-llm. This feature, intended for users with manager or admin roles, processes uploaded links through an internal Collector API using a headless browser. An attacker can exploit this by...
9.6CVSS
0.0004EPSS
CVE-2024-3153 Uncontrolled Resource Consumption in mintplex-labs/anything-llm
mintplex-labs/anything-llm is affected by an uncontrolled resource consumption vulnerability in its upload file endpoint, leading to a denial of service (DOS) condition. Specifically, the server can be shut down by sending an invalid upload request. An attacker with the ability to upload documents....
6.5CVSS
6.7AI Score
0.0004EPSS
CVE-2024-3153 Uncontrolled Resource Consumption in mintplex-labs/anything-llm
mintplex-labs/anything-llm is affected by an uncontrolled resource consumption vulnerability in its upload file endpoint, leading to a denial of service (DOS) condition. Specifically, the server can be shut down by sending an invalid upload request. An attacker with the ability to upload documents....
6.5CVSS
0.0004EPSS
CVE-2024-2288 CSRF File Upload Vulnerability in parisneo/lollms-webui
A Cross-Site Request Forgery (CSRF) vulnerability exists in the profile picture upload functionality of the Lollms application, specifically in the parisneo/lollms-webui repository, affecting versions up to 7.3.0. This vulnerability allows attackers to change a victim's profile picture without...
8.3CVSS
0.0004EPSS
CVE-2024-2288 CSRF File Upload Vulnerability in parisneo/lollms-webui
A Cross-Site Request Forgery (CSRF) vulnerability exists in the profile picture upload functionality of the Lollms application, specifically in the parisneo/lollms-webui repository, affecting versions up to 7.3.0. This vulnerability allows attackers to change a victim's profile picture without...
8.3CVSS
6.4AI Score
0.0004EPSS
CVE-2024-4320 Remote Code Execution due to LFI in '/install_extension' in parisneo/lollms-webui
A remote code execution (RCE) vulnerability exists in the '/install_extension' endpoint of the parisneo/lollms-webui application, specifically within the @router.post("/install_extension") route handler. The vulnerability arises due to improper handling of the name parameter in the...
9.8CVSS
8.2AI Score
0.0004EPSS
CVE-2024-4320 Remote Code Execution due to LFI in '/install_extension' in parisneo/lollms-webui
A remote code execution (RCE) vulnerability exists in the '/install_extension' endpoint of the parisneo/lollms-webui application, specifically within the @router.post("/install_extension") route handler. The vulnerability arises due to improper handling of the name parameter in the...
9.8CVSS
0.0004EPSS
CVE-2024-5186 Server Side Request Forgery (SSRF) in imartinez/privategpt
A Server-Side Request Forgery (SSRF) vulnerability exists in the file upload section of imartinez/privategpt version 0.5.0. This vulnerability allows attackers to send crafted requests that could result in unauthorized access to the local network and potentially sensitive information....
8.3CVSS
6.7AI Score
0.0004EPSS
CVE-2024-5186 Server Side Request Forgery (SSRF) in imartinez/privategpt
A Server-Side Request Forgery (SSRF) vulnerability exists in the file upload section of imartinez/privategpt version 0.5.0. This vulnerability allows attackers to send crafted requests that could result in unauthorized access to the local network and potentially sensitive information....
8.3CVSS
0.0004EPSS
A local file inclusion vulnerability exists in the JSON component of gradio-app/gradio version 4.25. The vulnerability arises from improper input validation in the postprocess() function within gradio/components/json_component.py, where a user-controlled string is parsed as JSON. If the parsed...
7.5CVSS
7.3AI Score
0.0004EPSS
CVE-2024-2624 Path Traversal and Arbitrary File Upload Vulnerability in parisneo/lollms-webui
A path traversal and arbitrary file upload vulnerability exists in the parisneo/lollms-webui application, specifically within the @router.get("/switch_personal_path") endpoint in ./lollms-webui/lollms_core/lollms/server/endpoints/lollms_user.py. The vulnerability arises due to insufficient...
9.4CVSS
0.0004EPSS
CVE-2024-2624 Path Traversal and Arbitrary File Upload Vulnerability in parisneo/lollms-webui
A path traversal and arbitrary file upload vulnerability exists in the parisneo/lollms-webui application, specifically within the @router.get("/switch_personal_path") endpoint in ./lollms-webui/lollms_core/lollms/server/endpoints/lollms_user.py. The vulnerability arises due to insufficient...
9.4CVSS
7.5AI Score
0.0004EPSS
CVE-2024-23793 Upload of files outside application directory
The file upload feature in OTRS and ((OTRS)) Community Edition has a path traversal vulnerability. This issue permits authenticated agents or customer users to upload potentially harmful files to directories accessible by the web server, potentially leading to the execution of local code like Perl....
6.3CVSS
0.0004EPSS
CVE-2024-23793 Upload of files outside application directory
The file upload feature in OTRS and ((OTRS)) Community Edition has a path traversal vulnerability. This issue permits authenticated agents or customer users to upload potentially harmful files to directories accessible by the web server, potentially leading to the execution of local code like Perl....
6.3CVSS
7AI Score
0.0004EPSS
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 27, 2024 to June 2, 2024)
_ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? __Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the...
10CVSS
9.6AI Score
EPSS
Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks
Muhstik botnet exploits a critical Apache RocketMQ flaw (CVE-2023-33246) for remote code execution, targeting Linux servers and IoT devices for DDoS attacks and cryptocurrency mining. Infection involves executing a shell script from a remote IP, downloading the Muhstik malware binary ("pty3"), and....
9.8CVSS
8.3AI Score
0.972EPSS
Hackers Target Python Developers with Fake "Crytic-Compilers" Package on PyPI
Cybersecurity researchers have discovered a malicious Python package uploaded to the Python Package Index (PyPI) repository that's designed to deliver an information stealer called Lumma (aka LummaC2). The package in question is crytic-compilers, a typosquatted version of a legitimate library...
7.1AI Score
7.4AI Score
6.3CVSS
5.5AI Score
EPSS
7.4AI Score
H5P < 1.15.8 - Contributor+ Stored XSS
Description The plugin does not validate uploads which could allow a Contributors and above to update malicious SVG files, leading to Stored Cross-Site Scripting...
6AI Score
EPSS
7.4AI Score
9.8CVSS
7AI Score
0.035EPSS
H5P < 1.15.8 - Contributor+ Stored XSS
Description The plugin does not validate uploads which could allow a Contributors and above to update malicious SVG files, leading to Stored Cross-Site Scripting issues PoC The PoC will be displayed on June 20, 2024, to give users the time to...
5.8AI Score
EPSS
Typo3 Arbitrary file upload and XML External Entity processing
It has been discovered that Flow 3.0.0 allows arbitrary file uploads, inlcuding server-side scripts, posing the risk of attacks. If those scripts are executed by the server when accessed through their public URL, anything not blocked through other means is possible (information disclosure,...
7.1AI Score
Typo3 Arbitrary file upload and XML External Entity processing
It has been discovered that Flow 3.0.0 allows arbitrary file uploads, inlcuding server-side scripts, posing the risk of attacks. If those scripts are executed by the server when accessed through their public URL, anything not blocked through other means is possible (information disclosure,...
7.1AI Score
Cross-Site Scripting (XSS) vulnerabilities in Neos
It has been discovered that Neos is vulnerable to several XSS attacks. Through these vulnerabilities, an attacker could tamper with page rendering, redirect victims to a fake login page, or capture user credentials (such as cookies). With the potential backdoor upload an attacker could gain access....
6.4AI Score
Cross-Site Scripting (XSS) vulnerabilities in Neos
It has been discovered that Neos is vulnerable to several XSS attacks. Through these vulnerabilities, an attacker could tamper with page rendering, redirect victims to a fake login page, or capture user credentials (such as cookies). With the potential backdoor upload an attacker could gain access....
6.4AI Score
Typo3 Broken Access Control in Import Module
It has been discovered that the Import/Export module is susceptible to broken access control. Regular backend users have access to import functionality which usually only is available to admin users or users having User TSconfig setting options.impexp.enableImportForNonAdminUser explicitly...
8AI Score
Typo3 Broken Access Control in Import Module
It has been discovered that the Import/Export module is susceptible to broken access control. Regular backend users have access to import functionality which usually only is available to admin users or users having User TSconfig setting options.impexp.enableImportForNonAdminUser explicitly...
8AI Score
Privilege Escalation & SQL Injection in TYPO3 CMS
Failing to properly dissociate system related configuration from user generated configuration, the Form Framework (system extension "form") is vulnerable to SQL injection and Privilege Escalation. Basically instructions can be persisted to a form definition file that were not configured to be...
8.1AI Score
Privilege Escalation & SQL Injection in TYPO3 CMS
Failing to properly dissociate system related configuration from user generated configuration, the Form Framework (system extension "form") is vulnerable to SQL injection and Privilege Escalation. Basically instructions can be persisted to a form definition file that were not configured to be...
8.1AI Score
Arbitrary Code Execution in TYPO3 CMS
Due to a missing file extension in the fileDenyPattern, backend user are allowed to upload *.pht files which can be executed in certain web server setups. The new default fileDenyPattern is the following, which might have been overridden in the TYPO3 Install Tool....
7.1AI Score
Arbitrary Code Execution in TYPO3 CMS
Due to a missing file extension in the fileDenyPattern, backend user are allowed to upload *.pht files which can be executed in certain web server setups. The new default fileDenyPattern is the following, which might have been overridden in the TYPO3 Install Tool....
7.1AI Score
📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? __Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the.....
8.8CVSS
8.5AI Score
0.001EPSS
Arbitrary JavaScript execution due to using outdated libraries
Summary gradio-pdf projects with dependencies on the pdf.js library are vulnerable to CVE-2024-4367, which allows arbitrary JavaScript execution. PoC Generate a pdf file with a malicious script in the fontmatrix. (This will run alert(‘XSS’).) poc.pdf Run the app. In this PoC, I've used the...
8.3AI Score
0.0004EPSS
Arbitrary JavaScript execution due to using outdated libraries
Summary gradio-pdf projects with dependencies on the pdf.js library are vulnerable to CVE-2024-4367, which allows arbitrary JavaScript execution. PoC Generate a pdf file with a malicious script in the fontmatrix. (This will run alert(‘XSS’).) poc.pdf Run the app. In this PoC, I've used the...
6.5AI Score
0.0004EPSS
Remote code execution in web server context
Impact User with administrative privileges and upload files that look like images but contain PHP code which can then be executed in the context of the web...
7.2CVSS
7.5AI Score
0.0004EPSS