3 matches found
Cinny 输入验证错误漏洞
Cinny is a simple and secure instant messaging client developed by Cinny OpenSource. Versions of Cinny prior to 4.10.3 contained a vulnerability related to input validation errors. This vulnerability arose due to EmojiBoard using an untrusted pack.meta.avatar as a URL without validation, and...
CVE-2026-34524 SillyTavern: Path traversal in `/api/chats/export` and `/api/chats/delete` allows arbitrary file read/delete within user data root
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in chat endpoints allows an authenticated attacker to read...
DEBIAN-CVE-2014-5240
Cross-site scripting XSS vulnerability in wp-includes/pluggable.php in WordPress before 3.9.2, when Multisite is enabled, allows remote authenticated administrators to inject arbitrary web script or HTML, and obtain Super Admin privileges, via a crafted avatar URL...