173 matches found
PT-2025-33841
Name of the Vulnerable Software and Affected Versions: AllSky version 2023.05.01 04 Description: A path traversal flaw exists in AllSky version 2023.05.01 04 that allows an unauthenticated attacker to create a webshell and achieve remote code execution. The issue is located in the /includes/save...
Directory Traversal
Overview langchain-chatchat is a Langchain-Chatchat formerly langchain-ChatGLM, local knowledge based LLM like ChatGLM, Qwen and Llama RAG and Agent app with langchain Affected versions of this package are vulnerable to Directory Traversal via the flag argument in /v1/file. An attacker can access...
CVE-2025-6855
A vulnerability, which was classified as critical, has been found in chatchat-space Langchain-Chatchat up to 0.3.1. This issue affects some unknown processing of the file /v1/file. The manipulation of the argument flag leads to path traversal. The exploit has been disclosed to the public and may ...
VulnCheck KEV: CVE-2025-34046
An unauthenticated file upload vulnerability exists in the Fanwei E-Office = v9.4 web management interface. The vulnerability affects the /general/index/UploadFile.php endpoint, which improperly validates uploaded files when invoked with certain parameters uploadType=eofficelogo or...
Path Traversal
Erxes is vulnerable to a Path Traversal. The vulnerability is due to improper validation in the /read-file endpoint handler, allowing an unauthenticated attacker to read arbitrary files from the system...
erxes 安全漏洞
erxes is an open source Hubspot/Qualtrics alternative to erxes open source. Enabling SaaS providers and digital marketing agencies/developers to create unique experiences for their entire business. A security vulnerability exists in erxes versions prior to 1.6.2 that stems from a path traversal...
CVE-2024-10101
A stored cross-site scripting XSS vulnerability exists in binary-husky/gptacademic version 3.83. The vulnerability occurs at the /file endpoint, which renders HTML files. Malicious HTML files containing XSS payloads can be uploaded and stored in the backend, leading to the execution of the payloa...
CVE-2024-8143
In the latest version 20240628 of gaizhenbiao/chuanhuchatgpt, an issue exists in the /file endpoint that allows authenticated users to access the chat history of other users. When a user logs in, a directory is created in the history folder with the user's name. By manipulating the /file endpoint...
CVE-2024-3153
mintplex-labs/anything-llm is affected by an uncontrolled resource consumption vulnerability in its upload file endpoint, leading to a denial of service DOS condition. Specifically, the server can be shut down by sending an invalid upload request. An attacker with the ability to upload documents...
CVE-2024-3194
A vulnerability was found in MailCleaner up to 2023.03.14 and classified as problematic. Affected by this issue is some unknown functionality of the component Log File Endpoint. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to...
Arbitrary File Upload
Overview pytorch-lightning is a lightweight PyTorch wrapper for ML researchers. Scale your models. Write less boilerplate. Affected versions of this package are vulnerable to Arbitrary File Upload via the LightningApp when running on a Windows host at the /api/v1/uploadfile/ endpoint. An attacker...
PYSEC-2025-80
A path traversal vulnerability exists in modelscope/agentscope version v.0.0.4. The API endpoint /api/file does not properly sanitize the path parameter, allowing an attacker to read arbitrary files on the server...
AgentScope 路径遍历漏洞
AgentScope is a ModelScope open source application. Build LLM-based multi-intelligence applications more simply. A path traversal vulnerability exists in AgentScope version v0.0.4, which stems from the API endpoint /api/file not properly cleaning up the path parameter, allowing an attacker to rea...
PT-2025-3764 · Unknown · Code-Projects Online Book Shop
Name of the Vulnerable Software and Affected Versions: code-projects Online Shop version 1.0 Description: A problem has been found in the code that affects the /view.php file. Manipulating the name/details argument leads to cross site scripting attacks. These attacks can be started from a remote...
PYSEC-2024-113
In the latest version 20240628 of gaizhenbiao/chuanhuchatgpt, an issue exists in the /file endpoint that allows authenticated users to access the chat history of other users. When a user logs in, a directory is created in the history folder with the user's name. By manipulating the /file endpoint...
PYSEC-2024-113
In the latest version 20240628 of gaizhenbiao/chuanhuchatgpt, an issue exists in the /file endpoint that allows authenticated users to access the chat history of other users. When a user logs in, a directory is created in the history folder with the user's name. By manipulating the /file endpoint...
CVE-2024-8143
The CVE-2024-8143 issue affects gaizhenbiao/chuanhuchatgpt (latest 20240628). A flaw in the /file endpoint lets an authenticated user enumerate and read other users’ chat histories by exploiting directory-creation behavior under history/. Root cause: insufficient access control around per-user hi...
CVE-2024-8143 Unauthorized Access to User Chat History in gaizhenbiao/chuanhuchatgpt
In the latest version 20240628 of gaizhenbiao/chuanhuchatgpt, an issue exists in the /file endpoint that allows authenticated users to access the chat history of other users. When a user logs in, a directory is created in the history folder with the user's name. By manipulating the /file endpoint...
PT-2024-16261 · Unknown · Code-Projects Blood Bank Management System
Name of the Vulnerable Software and Affected Versions: code-projects Blood Bank Management System version 1.0 Description: A critical issue has been found in the system, affecting an unknown function of the file /file/delete.php. The manipulation of the bid argument leads to SQL injection. This...
PT-2024-33482 · Zimaos · Zimaos
Name of the Vulnerable Software and Affected Versions: ZimaOS versions 1.2.4 and earlier Description: The issue allows authenticated users to perform a directory traversal attack via the API endpoint http:///v2 1/file, enabling access to sensitive system directories such as /etc. This could expos...