CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

CNVD•added 2022/07/13 12:0 a.m.•24 views

bt_lnmp path traversal vulnerability

btlnmp is a piaoyunsoft personal developer of a pagoda panel-based LNMP environment. btlnmp suffers from a path traversal vulnerability that stems from the failure of the Flask sendfile function to properly filter special elements in a resource or file path, which can be exploited by attackers to...

7.5CVSS4AI score0.0039EPSS

Exploits1References1

ATTACKERKB•added 2022/07/11 1:15 a.m.•1 views

CVE-2022-31578

The piaoyunsoft/btlnmp repository through 2019-10-10 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

7.5CVSS5.3AI score0.0039EPSS

Exploits1References2

OSV•added 2022/07/11 1:15 a.m.•1 views

CVE-2022-31578

The piaoyunsoft/btlnmp repository through 2019-10-10 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

7.5CVSS5.8AI score

Exploits0References1

CVE•added 2022/07/11 1:1 a.m.•64 views

CVE-2022-31578

The CVE-2022-31578 issue affects the piaoyunsoft/bt_lnmp repository (GitHub) where unsafe use of Flask send_file enables absolute path traversal. The root cause is improper filtering of path elements, allowing an attacker to access arbitrary files and directories on the host filesystem. Affected ...

7.5CVSS7.6AI score0.0039EPSS

Exploits1References1Affected Software1