8 matches found
CVE-2022-31515
The Delor4/CarceresBE repository through 1.0 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CarceresBE path traversal vulnerability
CarceresBE is an SKS parking management system backend open sourced by Delor4. CarceresBE 1.0 and earlier versions have a path traversal vulnerability that stems from a failure of Flask's sendfile function to properly filter special elements in a resource or file path, which could be exploited by...
CVE-2022-31515
The Delor4/CarceresBE repository through 1.0 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31515
The Delor4/CarceresBE repository through 1.0 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31515
The Delor4/CarceresBE repository through 1.0 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
Path traversal
The Delor4/CarceresBE repository through 1.0 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31515
The CVE describes a path traversal vulnerability in the Delor4/CarceresBE repository (through version 1.0) where Flask’s send_file is used unsafely, allowing an attacker to access arbitrary files on the filesystem. Affected component: CarceresBE (backend) built with Flask; root cause is improper ...
CarceresBE 路径遍历漏洞
CarceresBE is an SKS parking management system backend open sourced by Delor4. CarceresBE 1.0 and earlier versions have a path traversal vulnerability that stems from a failure of Flask's sendfile function to properly filter special elements in a resource or file path, which could be exploited by...