Flowise: Path Traversal in Vector Store basePath

Summary The Faiss and SimpleStore LlamaIndex vector store implementations accept a basePath parameter from user-controlled input and pass it directly to filesystem write operations without any sanitization. An authenticated attacker can exploit this to write vector store data to arbitrary locatio...

Directory Traversal

Overview flowise-components is a Flowiseai Components Affected versions of this package are vulnerable to Directory Traversal via the vector store path handling in Faiss.ts and SimpleStore.ts. An attacker can read from or write to unintended filesystem locations by supplying a crafted basePath wh...

EUVD-2025-200097

Better Auth affected by external request basePath modification DoS...

EUVD-2006-6509

Malware in sbrugna...

EUVD-2018-13245

Malware in sbrugna...

EUVD-2004-1813

Malware in sbrugna...

CVE-2025-1368

A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux. It has been declared as problematic. This vulnerability affects the function ReadConfiguration of the file /opt/MicroWorld/etc/mwav.conf. The manipulation of the argument BasePath leads to buffer overflow. Local access is...

MicroWorld eScan Antivirus 安全漏洞

MicroWorld eScan Antivirus is an antivirus software from MicroWorld. A security vulnerability exists in MicroWorld eScan Antivirus version 7.0.32, which originates from a buffer overflow caused by the parameter BasePath in the ReadConfiguration function of the /opt/MicroWorld/etc/mwav.conf file...

PT-2025-6898 · Microworld · Microword Escan Antivirus

Name of the Vulnerable Software and Affected Versions: MicroWord eScan Antivirus version 7.0.32 Description: A vulnerability was found in MicroWord eScan Antivirus on Linux, affecting the function ReadConfiguration of the file /opt/MicroWorld/etc/mwav.conf. The manipulation of the argument BasePa...

Design/Logic Flaw

The floragunn Search Guard plugin before 6.x-16 for Kibana allows URL injection for login redirects on the login page when basePath is set...

CVE-2018-20698

The floragunn Search Guard plugin before 6.x-16 for Kibana allows URL injection for login redirects on the login page when basePath is set...

CVE-2018-20698

The floragunn Search Guard plugin before 6.x-16 for Kibana allows URL injection for login redirects on the login page when basePath is set...

CVE-2018-20698

CVE-2018-20698 affects the floragunn Search Guard plugin for Kibana (pre-6.x-16). The vulnerability is described as URL injection for login redirects on the login page when a basePath is configured. The connected sources reiterate this flaw but do not provide product-specific exploit details, aff...

CVE-2018-20698

The floragunn Search Guard plugin before 6.x-16 for Kibana allows URL injection for login redirects on the login page when basePath is set...

WarpSpeed 4nAlbum Module 0.92 displaycategory.php basepath Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/9881/info It has been reported that 4nAlbum is prone to multiple vulnerabilities. These issues are primarily due to a failure of the module to validate user input. There is an information disclosure issue with the...

CVE-2007-5780

PHP remote file inclusion vulnerability in pub/pub08comments.php in teatro 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the basePath parameter...

teatro 1.6 (basePath) Remote File Include Vulnerability

No description provided by source. teatro 1.6 Remote File Include Vulnerability Download script : http://telemat.die.unifi.it/book/2003/Telematica-II/teatro-1.6.tgz Dicovered by : Alkomandoz Hacker Contact : [email protected]...

teatro 1.6 ( basePath ) Remote File Include Vulnerability

======================================================================== teatro 1.6 Remote File Include Vulnerability Download script : http://telemat.die.unifi.it/book/2003/Telematica-II/teatro-1.6.tgz Dicovered by : Alkomandoz Hacker Contact : [email protected]...

teatro 1.6 (basePath) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ======================================================= teatro 1.6 basePath Remote File Include Vulnerability ======================================================= teatro 1.6 Remote File Include Vulnerability Download script :...

teatro 1.6 - 'basePath' Remote File Inclusion

teatro 1.6 Remote File Include Vulnerability Download script : http://telemat.die.unifi.it/book/2003/Telematica-II/teatro-1.6.tgz Dicovered by : Alkomandoz Hacker Contact : [email protected] =========================================================================...