CVE-2024-10109

A vulnerability in the mintplex-labs/anything-llm repository, as of commit 5c40419, allows low privilege users to access the sensitive API endpoint "/api/system/custom-models". This access enables them to modify the model's API key and base path, leading to potential API key leakage and denial of...

CVE-2024-12766

CVE-2024-12766 affects parisneo/lollms-webui (V13/feather). A Server-Side Request Forgery (SSRF) exists in POST /api/proxy, allowing an attacker to use the victim server’s credentials to reach arbitrary resources by passing a JSON payload such as {"url":"http://steal.target"}. Multiple security c...

CVE-2024-10830

Summary: CVE-2024-10830 affects eosphoros-ai/db-gpt v0.6.0, exposing a path traversal in the API endpoint /v1/resource/file/delete that allows an attacker to delete arbitrary server files by manipulating the file_key parameter. The issue is caused by inadequate sanitization of file_key and is des...

CVE-2024-10830 Path Traversal in eosphoros-ai/db-gpt

A Path Traversal vulnerability exists in the eosphoros-ai/db-gpt version 0.6.0 at the API endpoint /v1/resource/file/delete. This vulnerability allows an attacker to delete any file on the server by manipulating the filekey parameter. The filekey parameter is not properly sanitized, enabling an...

CVE-2024-7039

CVE-2024-7039 affects open-webui/open-webui v0.3.8. Affected component: API-based user management. Root cause: improper privilege management allows an admin to delete other administrators via the endpoint http://0.0.0.0:8080/api/v1/users/{uuid_administrator}, despite UI restrictions. Impact: elev...

CVE-2024-7039 Improper Privilege Management in open-webui/open-webui

In open-webui/open-webui version v0.3.8, there is an improper privilege management vulnerability. The application allows an attacker, acting as an admin, to delete other administrators via the API endpoint http://0.0.0.0:8080/api/v1/users/uuidadministrator. This action is restricted by the user...

CVE-2024-9099

In lunary-ai/lunary version v1.4.29, the GET /projects API endpoint exposes both public and private API keys for all projects to users with minimal permissions (e.g., Viewers, Prompt Editors). This is a data disclosure vulnerability that could let an attacker retrieve sensitive credentials and ac...

CVE-2024-9099 Exposure of Private API Keys in lunary-ai/lunary

In lunary-ai/lunary version v1.4.29, the GET /projects API endpoint exposes both public and private API keys for all projects to users with minimal permissions, such as Viewers or Prompt Editors. This vulnerability allows unauthorized users to retrieve sensitive credentials, which can be used to...

CVE-2024-9099 Exposure of Private API Keys in lunary-ai/lunary

In lunary-ai/lunary version v1.4.29, the GET /projects API endpoint exposes both public and private API keys for all projects to users with minimal permissions, such as Viewers or Prompt Editors. This vulnerability allows unauthorized users to retrieve sensitive credentials, which can be used to...

CVE-2024-6842

AnythingLLM (mintplex-labs/anything-llm) version 1.5.5 contains an information-disclosure vulnerability via the /setup-complete (or /api/setup-complete) endpoint, allowing remote, unauthenticated access to currentSettings that can include sensitive API keys for search engines. This enables potent...

CVE-2024-6842 Exposure of Sensitive Information in mintplex-labs/anything-llm

In version 1.5.5 of mintplex-labs/anything-llm, the /setup-complete API endpoint allows unauthorized users to access sensitive system settings. The data returned by the currentSettings function includes sensitive information such as API keys for search engines, which can be exploited by attackers...

CVE-2024-9919 Missing Authentication Check in parisneo/lollms-webui

A missing authentication check in the uninstall endpoint of parisneo/lollms-webui V13 allows attackers to perform unauthorized directory deletions. The /uninstall/appname API endpoint does not call the checkaccess function to verify the clientid, enabling attackers to delete directories without...

CVE-2024-9919 Missing Authentication Check in parisneo/lollms-webui

A missing authentication check in the uninstall endpoint of parisneo/lollms-webui V13 allows attackers to perform unauthorized directory deletions. The /uninstall/appname API endpoint does not call the checkaccess function to verify the clientid, enabling attackers to delete directories without...

CVE-2024-8438

Summary: CVE-2024-8438 describes a path traversal in modelscope/agentscope v0.0.4 where the /api/file endpoint does not sanitize the path parameter, enabling reading arbitrary server files. The underlying impact is information disclosure with a high severity (CVSS3/7.5) but no exploitation detail...

CVE-2024-8438 Path Traversal in modelscope/agentscope

A path traversal vulnerability exists in modelscope/agentscope version v.0.0.4. The API endpoint /api/file does not properly sanitize the path parameter, allowing an attacker to read arbitrary files on the server...

CVE-2024-8438 Path Traversal in modelscope/agentscope

A path traversal vulnerability exists in modelscope/agentscope version v.0.0.4. The API endpoint /api/file does not properly sanitize the path parameter, allowing an attacker to read arbitrary files on the server...

CVE-2024-8060

OpenWebUI 0.3.0 is affected by a vulnerability in the audio API endpoint /audio/api/v1/transcriptions that allows arbitrary file upload due to insufficient validation of file.content_type and user-controlled filenames, enabling path traversal. An authenticated user could overwrite critical files ...

CVE-2024-9309 SSRF in POST /worker_generate_stream API endpoint in haotian-liu/llava

A Server-Side Request Forgery SSRF vulnerability exists in the POST /workergeneratestream API endpoint of the Controller API Server in haotian-liu/llava version v1.2.0 LLaVA-1.6. This vulnerability allows attackers to exploit the victim Controller API Server's credentials to perform unauthorized...

CVE-2024-8249

CVE-2024-8249 affects mintplex-labs/anything-llm, specifically the embeddable chat API. The issue is an unauthenticated Denial of Service triggered by sending a malformed JSON payload to the API endpoint, causing a server crash via an uncaught exception. Affected version: git 6dc3642. Remediation...

CVE-2024-8249 Unauthenticated Denial of Service (DoS) in mintplex-labs/anything-llm

mintplex-labs/anything-llm version git 6dc3642 contains an unauthenticated Denial of Service DoS vulnerability in the API for the embeddable chat functionality. An attacker can exploit this vulnerability by sending a malformed JSON payload to the API endpoint, causing a server crash due to an...