6 matches found
CVE-2026-7086
A vulnerability was identified in HBAI-Ltd Toonflow-app up to 1.1.1. This issue affects the function updateStoryboardUrl of the file replaceUrl.ts of the component Storyboard Export. Such manipulation of the argument url leads to path traversal. It is possible to launch the attack remotely. The...
CVE-2026-7086
The CVE concerns HBAI-Ltd Toonflow-app up to v1.1.1, affecting the function updateStoryboardUrl in replaceUrl.ts (Storyboard Export). The issue enables path traversal via the url argument and can be triggered remotely. An exploit is publicly available, but the report notes it is still unclear whe...
CVE-2026-7086 HBAI-Ltd Toonflow-app Storyboard Export replaceUrl.ts updateStoryboardUrl path traversal
A vulnerability was identified in HBAI-Ltd Toonflow-app up to 1.1.1. This issue affects the function updateStoryboardUrl of the file replaceUrl.ts of the component Storyboard Export. Such manipulation of the argument url leads to path traversal. It is possible to launch the attack remotely. The...
EUVD-2026-25770
A vulnerability was identified in HBAI-Ltd Toonflow-app up to 1.1.1. This issue affects the function updateStoryboardUrl of the file replaceUrl.ts of the component Storyboard Export. Such manipulation of the argument url leads to path traversal. It is possible to launch the attack remotely. The...
Toonflow 路径遍历漏洞
Toonflow is an AI short story production platform developed by HBAI-Ltd. Versions of Toonflow prior to 1.1.1 contained a path traversal vulnerability. This vulnerability stemmed from the updateStoryboardUrl function in the Storyboard Export component, which improperly handled the url parameter,...
PT-2026-35352
A vulnerability was identified in HBAI-Ltd Toonflow-app up to 1.1.1. This issue affects the function updateStoryboardUrl of the file replaceUrl.ts of the component Storyboard Export. Such manipulation of the argument url leads to path traversal. It is possible to launch the attack remotely. The...