17 matches found
CVE-2025-57203
MagicProject AI version 9.1 is affected by a Cross-Site Scripting XSS vulnerability within the chatbot generation feature available to authenticated admin users. The vulnerability resides in the prompt parameter submitted to the /dashboard/user/generator/generate-stream endpoint via a...
CVE-2025-57203
MagicProject AI version 9.1 is affected by a Cross-Site Scripting XSS vulnerability within the chatbot generation feature available to authenticated admin users. The vulnerability resides in the prompt parameter submitted to the /dashboard/user/generator/generate-stream endpoint via a...
CVE-2025-57203
MagicProject AI version 9.1 is affected by a Cross-Site Scripting XSS vulnerability within the chatbot generation feature available to authenticated admin users. The vulnerability resides in the prompt parameter submitted to the /dashboard/user/generator/generate-stream endpoint via a...
PT-2025-39066
Name of the Vulnerable Software and Affected Versions MagicProject AI version 9.1 Description MagicProject AI version 9.1 is affected by a Cross-Site Scripting XSS issue within the chatbot generation feature accessible to authenticated admin users. The issue is located in the prompt parameter...
The vulnerability of the PCMan FTP Server relates to the occurrence of operations beyond the buffer boundaries in memory. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the PCMan FTP Server relates to the execution of operations beyond the buffer boundaries in memory when processing the prompt parameter. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected...
GHSA-7GFQ-F96F-G85J langchain vulnerable to arbitrary code execution
An issue in langchain v.0.0.171 allows a remote attacker to execute arbitrary code via the via the a json file to the loadprompt parameter. This is related to subclasses or a template...
PYSEC-2023-151
An issue in langchain v.0.0.171 allows a remote attacker to execute arbitrary code via the via the a json file to the loadprompt parameter...
PT-2023-25510 · Langchain · Langchain
Name of the Vulnerable Software and Affected Versions: langchain version 0.0.171 Description: An issue in langchain allows a remote attacker to execute arbitrary code via a JSON file to the load prompt parameter. This is related to subclasses or a template. Recommendations: For langchain version...
GHSA-FJ32-Q626-PJJC LangChain vulnerable to arbitrary code execution
An issue in LangChain prior to v.0.0.247 allows a remote attacker to execute arbitrary code via the prompt parameter...
CVE-2023-38860
An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter...
CVE-2023-38860
An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter...
Code injection
An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter...
PYSEC-2023-145
An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter...
PYSEC-2023-145
An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter...
LangChain Code Injection Vulnerability
LangChain is used to build applications using LLM through composability. A security vulnerability exists in LangChain version v.0.0.231 that originates from allowing remote attackers to execute arbitrary code via a prompt parameter...
PT-2023-26641 · Langchain · Langchain
Name of the Vulnerable Software and Affected Versions: LangChain versions 0.0.231 through 0.0.246 Description: An issue in LangChain allows a remote attacker to execute arbitrary code via the prompt parameter. This enables the attacker to potentially gain control over the system, leading to sever...
CVE-2023-38860
An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter...