103 matches found
CVE-2024-10100 Path Traversal in binary-husky/gpt_academic
A path traversal vulnerability exists in binary-husky/gptacademic version 3.83. The vulnerability is due to improper handling of the file parameter, which is open to path traversal through URL encoding. This allows attackers to view any file on the host system, including sensitive files such as...
CVE-2024-10100
CVE-2024-10100 affects binary-husky/gpt_academic v3.83. Root cause: improper handling of the file parameter allows path traversal via URL encoding. Impact: attackers could view any file on the host, including sensitive files (application files, SSH keys, API keys, configuration values). Public re...
PT-2024-16028 · Unknown · Binary-Husky/Gpt Academic
Name of the Vulnerable Software and Affected Versions: binary-husky/gpt academic version 3.83 Description: A stored cross-site scripting XSS vulnerability exists in the software. The vulnerability occurs at the "/file" endpoint, which renders HTML files. Malicious HTML files containing XSS payloa...