4 matches found
Local File Inclusion (LFI)
nicegui is vulnerable to Local File Inclusion. The vulnerability is due to improper handling of resource file requests under the /nicegui/version/resources/key/path:path route, allowing attackers with access to the NiceUI leaflet website to read any file on the backend filesystem accessible to th...
NiceGUI allows potential access to local file system
NiceGUI is an easy-to-use, Python-based UI framework. A local file inclusion is present in the NiceUI leaflet component when requesting resource files under the /nicegui/version/resources/key/path:path route. As a result any file on the backend filesystem which the web server has access to can be...
CVE-2024-32005
NiceGUI is an easy-to-use, Python-based UI framework. A local file inclusion is present in the NiceUI leaflet component when requesting resource files under the /nicegui/version/resources/key/path:path route. As a result any file on the backend filesystem which the web server has access to can be...
CVE-2024-32005 Local File Inclusion in NiceGUI leaflet component
NiceGUI is an easy-to-use, Python-based UI framework. A local file inclusion is present in the NiceUI leaflet component when requesting resource files under the /nicegui/version/resources/key/path:path route. As a result any file on the backend filesystem which the web server has access to can be...