4 matches found
CVE-2024-3025
mintplex-labs/anything-llm is vulnerable to path traversal attacks due to insufficient validation of user-supplied input in the logo filename functionality. Attackers can exploit this vulnerability by manipulating the logo filename to reference files outside of the restricted directory. This can...
CVE-2024-3025
creationtimestamp| type| source ---|---|--- 2024-04-12 07:47:08+00:00| seen| https://t.me/arpsyndicate/4556...
CVE-2024-3025
mintplex-labs/anything-llm is vulnerable to path traversal attacks due to insufficient validation of user-supplied input in the logo filename functionality. Attackers can exploit this vulnerability by manipulating the logo filename to reference files outside of the restricted directory. This can...
CVE-2024-3025
The CVE-2024-3025 entry affects mintplex-labs/anything-llm, where the logo filename handling allows path traversal due to insufficient input validation. Attackers can reference files outside the restricted directory via the logo upload endpoint, exposing the application’s database and potentially...