12 matches found
EUVD-2024-2610
Malicious code in bioql PyPI...
CVE-2024-42485
Filament Excel enables excel export for Filament admin resources. The export download route /filament-excel/path allowed downloading any file without login when the webserver allows ../ in the URL. Patched with Version v2.3.3...
Path Traversal
Filament Excel is vulnerable to Path Traversal. The vulnerability is due to improper validation of file paths in the export download route '/filament-excel/path', allowing the use of ../ to navigate directories and access unauthorized files...
Filament Excel Vulnerable to Path Traversal Attack on Export Download Endpoint
Impact The export download route /filament-excel/path allowed downloading any file without login when the webserver allows ../ in the URL. Patches Patched with Version v2.3.3 Credits Thanks to Kevin Pohl for reporting this...
GHSA-M3PX-VJXR-FX4M Filament Excel Vulnerable to Path Traversal Attack on Export Download Endpoint
Impact The export download route /filament-excel/path allowed downloading any file without login when the webserver allows ../ in the URL. Patches Patched with Version v2.3.3 Credits Thanks to Kevin Pohl for reporting this...
CVE-2024-42485
Filament Excel enables excel export for Filament admin resources. The export download route /filament-excel/path allowed downloading any file without login when the webserver allows ../ in the URL. Patched with Version v2.3.3...
CVE-2024-42485
CVE-2024-42485 affects Filament Excel. The vulnerability exists in the export download route /filament-excel/{path}, where an attacker could leverage directory traversal using ../ to download arbitrary files without authentication when the webserver allows such paths. This could disclose sensitiv...
CVE-2024-42485 Filament Excel Vulnerable to Path Traversal Attack on Export Download Endpoint
Filament Excel enables excel export for Filament admin resources. The export download route /filament-excel/path allowed downloading any file without login when the webserver allows ../ in the URL. Patched with Version v2.3.3...
CVE-2024-42485 Filament Excel Vulnerable to Path Traversal Attack on Export Download Endpoint
Filament Excel enables excel export for Filament admin resources. The export download route /filament-excel/path allowed downloading any file without login when the webserver allows ../ in the URL. Patched with Version v2.3.3...
CVE-2024-42485 Filament Excel Vulnerable to Path Traversal Attack on Export Download Endpoint
Filament Excel enables excel export for Filament admin resources. The export download route /filament-excel/path allowed downloading any file without login when the webserver allows ../ in the URL. Patched with Version v2.3.3...
PT-2024-29982 · Unknown · Filament Excel
Name of the Vulnerable Software and Affected Versions: Filament Excel versions prior to v2.3.3 Description: The export download route "/filament-excel/path" allowed downloading any file without login when the webserver allows ../ in the URL. This issue was reported by Kevin Pohl. Recommendations:...
Filament Excel 安全漏洞
Filament Excel is a tool by Dennis Koch, a personal developer. Easily configure Excel exports in Filament through batch or page operations. A security vulnerability exists in Filament Excel that stems from allowing any file to be downloaded without logging in...