6 matches found
CVE-2026-7065
A vulnerability has been found in BidingCC BuildingAI up to 26.0.1. Impacted is the function uploadRemoteFile of the file packages/core/src/modules/upload/services/file-storage.service.ts of the component Remote Upload API. The manipulation of the argument url leads to server-side request forgery...
CVE-2026-7065
A vulnerability has been found in BidingCC BuildingAI up to 26.0.1. Impacted is the function uploadRemoteFile of the file packages/core/src/modules/upload/services/file-storage.service.ts of the component Remote Upload API. The manipulation of the argument url leads to server-side request forgery...
BuildingAI 代码问题漏洞
BuildingAI is an enterprise-level open-source intelligence platform for individual developers, enabling the visualization configuration of AI applications. Versions of BuildingAI prior to 26.0.1 have code vulnerabilities; these vulnerabilities stem from the handling of the url parameter in the...
CVE-2026-7065
A vulnerability has been found in BidingCC BuildingAI up to 26.0.1. Impacted is the function uploadRemoteFile of the file packages/core/src/modules/upload/services/file-storage.service.ts of the component Remote Upload API. The manipulation of the argument url leads to server-side request forgery...
PT-2026-35272
Name of the Vulnerable Software and Affected Versions BidingCC BuildingAI versions prior to 26.0.2 Description The Remote Upload API contains a server-side request forgery SSRF issue. This occurs when the uploadRemoteFile function in the...
CVE-2025-2219
CVE-2025-2219 affects LoveCards LoveCardsV2 up to 2.3.2. The issue arises from how the parameter file in /api/upload/image is processed, allowing unrestricted image uploads. It is exploitable remotely over the network (no authentication required) and, per the descriptions, the exploit has been di...