Lucene search
K

27 matches found

CVE
CVE
added 2026/04/27 3:45 a.m.20 views

CVE-2026-7084

CVE-2026-7084 affects HBAI-Ltd Toonflow-app (up to 1.1.1). The issue is in the fetch of the file src/routes/setting/vendorConfig/getCodeByLink.ts via the getCodeByLink endpoint, where manipulating the Link parameter leads to server-side request forgery. It can be exploited remotely; an exploit is...

6.5CVSS6AI score0.00262EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.23 views

PT-2026-35350

A vulnerability was found in HBAI-Ltd Toonflow-app up to 1.1.1. This affects the function fetch of the file src/routes/setting/vendorConfig/getCodeByLink.ts of the component getCodeByLink Endpoint. The manipulation of the argument Link results in server-side request forgery. The attack may be...

6.5CVSS6AI score0.00262EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.19 views

PT-2026-35351

A vulnerability was determined in HBAI-Ltd Toonflow-app up to 1.1.1. This vulnerability affects the function z.url of the file src/routes/setting/about/downloadApp.ts of the component downloadApp Endpoint. This manipulation of the argument url causes path traversal. It is possible to initiate the...

5CVSS5.1AI score0.00248EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.18 views

PT-2026-35352

A vulnerability was identified in HBAI-Ltd Toonflow-app up to 1.1.1. This issue affects the function updateStoryboardUrl of the file replaceUrl.ts of the component Storyboard Export. Such manipulation of the argument url leads to path traversal. It is possible to launch the attack remotely. The...

5.3CVSS4.8AI score0.00408EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.10 views

Toonflow 路径遍历漏洞

Toonflow is an AI short story production platform developed by HBAI-Ltd. Versions of Toonflow prior to 1.1.1 contained a path traversal vulnerability. This vulnerability stemmed from the updateStoryboardUrl function in the Storyboard Export component, which improperly handled the url parameter,...

5.3CVSS5.8AI score0.00408EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.10 views

Toonflow 路径遍历漏洞

Toonflow is an AI short story production platform developed by HBAI-Ltd. Versions of Toonflow prior to 1.1.1 contained a path traversal vulnerability. This vulnerability stemmed from improper handling of the parameter url in the z.url function within the downloadApp.ts file in the downloadApp...

5CVSS5.9AI score0.00248EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.11 views

Toonflow 代码问题漏洞

Toonflow is an AI short story production platform developed by HBAI-Ltd. Versions of Toonflow prior to 1.1.1 contained code vulnerabilities. These vulnerabilities stemmed from improper handling of parameters Link in the fetch function of the src/routes/setting/vendorConfig/getCodeByLink.ts file i...

6.5CVSS6.7AI score0.00262EPSS
Exploits0References1
Rows per page
Query Builder