EUVD-2024-2805

Malicious code in bioql PyPI...

EUVD-2024-2790

Malicious code in bioql PyPI...

CVE-2024-47170

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to read arbitrary JSON files at attacker-chosen locations on the server. This issue can lead to unauthorized access to sensitive information an...

CVE-2024-47169

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload arbitrary files to attacker-chosen locations on the server, including JavaScript, enabling the execution of commands within those...

Agnai vulnerable to Relative Path Traversal in Image Upload

Summary A vulnerability has been discovered in Agnai that permits attackers to upload image files at attacker-chosen location on the server. This issue can lead to image file uploads to unauthorized or unintended directories, including overwriting of existing images which may be used for...

GHSA-G54F-66MW-HV66 Agnai vulnerable to Relative Path Traversal in Image Upload

Summary A vulnerability has been discovered in Agnai that permits attackers to upload image files at attacker-chosen location on the server. This issue can lead to image file uploads to unauthorized or unintended directories, including overwriting of existing images which may be used for...

CVE-2024-47171

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload image files at attacker-chosen location on the server. This issue can lead to image file uploads to unauthorized or unintended...

CVE-2024-47170

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to read arbitrary JSON files at attacker-chosen locations on the server. This issue can lead to unauthorized access to sensitive information an...

CVE-2024-47169

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload arbitrary files to attacker-chosen locations on the server, including JavaScript, enabling the execution of commands within those...

GHSA-H355-HM5H-CM8H Agnai File Disclosure Vulnerability: JSON via Path Traversal

CWE-35: Path Traversal https://cwe.mitre.org/data/definitions/35.html CVSSv3.1 4.3 - Medium CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N Summary A vulnerability has been discovered in Agnai that permits attackers to read arbitrary JS...

Agnai File Disclosure Vulnerability: JSON via Path Traversal

CWE-35: Path Traversal https://cwe.mitre.org/data/definitions/35.html CVSSv3.1 4.3 - Medium CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N Summary A vulnerability has been discovered in Agnai that permits attackers to read arbitrary JS...

Agnai vulnerable to Remote Code Execution via JS Upload using Directory Traversal

Summary A vulnerability has been discovered in Agnai that permits attackers to upload arbitrary files to attacker-chosen locations on the server, including JavaScript, enabling the execution of commands within those files. This issue could result in unauthorized access, full server compromise, da...

GHSA-MPCH-89GM-HM83 Agnai vulnerable to Remote Code Execution via JS Upload using Directory Traversal

Summary A vulnerability has been discovered in Agnai that permits attackers to upload arbitrary files to attacker-chosen locations on the server, including JavaScript, enabling the execution of commands within those files. This issue could result in unauthorized access, full server compromise, da...

CVE-2024-47171 Agnai vulnerable to Relative Path Traversal in Image Upload

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload image files at attacker-chosen location on the server. This issue can lead to image file uploads to unauthorized or unintended...

CVE-2024-47171 Agnai vulnerable to Relative Path Traversal in Image Upload

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload image files at attacker-chosen location on the server. This issue can lead to image file uploads to unauthorized or unintended...

CVE-2024-47171

Summary : CVE-2024-47171 affects Agnai (multi-user/multi-bot chat system). Versions prior to 1.0.330 are vulnerable to an image-upload flaw where attackers can place files at attacker-chosen server locations, potentially overwriting existing images or placing files in unintended directories. The ...

CVE-2024-47171 Agnai vulnerable to Relative Path Traversal in Image Upload

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload image files at attacker-chosen location on the server. This issue can lead to image file uploads to unauthorized or unintended...

CVE-2024-47170 Agnai File Disclosure Vulnerability: JSON via Path Traversal

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to read arbitrary JSON files at attacker-chosen locations on the server. This issue can lead to unauthorized access to sensitive information an...

CVE-2024-47170

Agnai before 1.0.330 is affected by a path traversal vulnerability that allows an attacker to read arbitrary JSON files on the server when JSON_STORAGE is enabled. The issue arises from reading files without proper validation in the JSON handling path, exposing sensitive configuration data. Versi...

CVE-2024-47170 Agnai File Disclosure Vulnerability: JSON via Path Traversal

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to read arbitrary JSON files at attacker-chosen locations on the server. This issue can lead to unauthorized access to sensitive information an...