6 matches found
CVE-2022-31583
The sravaniboinepelli/AutomatedQuizEval repository through 2020-04-27 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
AutomatedQuizEval path traversal vulnerability
AutomatedQuizEval, an automated quiz evaluation system from the personal developer Sravani Boinepelli, suffers from a path traversal vulnerability that stems from the failure of Flask's sendfile function to properly filter special elements in resource or file paths, which could be exploited by...
CVE-2022-31583
The sravaniboinepelli/AutomatedQuizEval repository through 2020-04-27 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31583
The sravaniboinepelli/AutomatedQuizEval repository through 2020-04-27 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
Path traversal
The sravaniboinepelli/AutomatedQuizEval repository through 2020-04-27 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31583
The CVE-2022-31583 entry documents a path-traversal vulnerability in the sravaniboinepelli/AutomatedQuizEval repository (through 2020-04-27). The root cause is unsafe use of Flaskās send_file, which allows absolute path traversal and potential access to arbitrary files/directories on the file sys...