Lucene search
K

30 matches found

ATTACKERKB
ATTACKERKB
added 2023/06/19 2:15 a.m.2 views

CVE-2023-35844

packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension .csv or .png is used...

7.5CVSS5.3AI score0.06344EPSS
Exploits2References6
NVD
NVD
added 2023/06/19 2:15 a.m.24 views

CVE-2023-35844

packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension .csv or .png is used...

7.5CVSS7.6AI score0.06344EPSS
Exploits2References4
OSV
OSV
added 2023/06/19 2:15 a.m.15 views

CVE-2023-35844

packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension .csv or .png is used...

7.5CVSS7.2AI score
Exploits0References4
Prion
Prion
added 2023/06/19 2:15 a.m.23 views

Directory traversal

packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension .csv or .png is used...

5CVSS7.6AI score0.06344EPSS
Exploits2References4Affected Software1
CNNVD
CNNVD
added 2023/06/19 12:0 a.m.4 views

Lightdash 路径遍历漏洞

Lightdash is visual data analysis tool. A security vulnerability exists in Lightdash versions prior to 0.510.3. An attacker can exploit the vulnerability to access files and directories stored outside of the web root folder...

7.5CVSS7.4AI score0.06344EPSS
Exploits2References5
Vulnrichment
Vulnrichment
added 2023/06/19 12:0 a.m.11 views

CVE-2023-35844

packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension .csv or .png is used...

6.9AI score0.06344EPSS
Exploits2References4
Cvelist
Cvelist
added 2023/06/19 12:0 a.m.27 views

CVE-2023-35844

packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension .csv or .png is used...

7.8AI score0.06344EPSS
Exploits2References4
CVE
CVE
added 2023/06/19 12:0 a.m.67 views

CVE-2023-35844

Lightdash

7.5CVSS7.5AI score0.06344EPSS
In wildExploits2References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/14 12:0 a.m.6 views

PT-2023-6481 · Lightdash · Lightdash

Name of the Vulnerable Software and Affected Versions: Lightdash versions prior to 0.510.3 Description: The issue is related to incorrect restriction of a directory path name with limited access. This can allow a remote attacker to gain unauthorized access to protected information. The...

7.8CVSS7.3AI score0.06344EPSS
Exploits2References15
Huntr
Huntr
added 2023/04/11 10:59 p.m.21 views

Path Traversal at Slack Image Endpoint

Summary Lightdash version \ Required. 1. Install the Lightdash server & database. \ 2. Connect Lightdash to a dbt project and add some metrics. 3. Create and share insights with your team. 4. Craft...

7.2AI score
Exploits0
Rows per page
Query Builder