4 matches found
Directory Traversal
Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Directory Traversal via path traversal in the skill archive extraction logic in SkillPromptInjectionHandler and SkillsSandboxExecutor. An authenticated user with access to...
CVE-2026-34607 Emlog: Path Traversal in emUnZip() allows arbitrary file write leading to RCE
Emlog is an open source website building system. In versions 2.6.2 and prior, a path traversal vulnerability exists in the emUnZip function include/lib/common.php:793. When extracting ZIP archives plugin/template uploads, backup imports, the function calls $zip-extractTo$path without sanitizing Z...
PT-2022-7070 · Unknown · Linuxasmcallgraph
Name of the Vulnerable Software and Affected Versions: LinuxASMCallGraph versions prior to commit 20dba06bd1a3cf260612d4f21547c25002121cd5 Description: The issue is related to incorrect filtering rules of uploaded files, allowing attackers to cause remote code execution on the server side via...
Pluck 路径遍历漏洞
Pluck is a content management system CMS developed using the PHP language. A security vulnerability exists in Pluck-CMS Pluck that stems from a Zip Slip vulnerability in Pluck-CMS Pluck version 4.7.15 that allows an attacker to upload specially crafted zip files, leading to directory traversal an...