5077 matches found
CVE-2024-5982
A path traversal vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability arises from unsanitized input handling in multiple features, including user upload, directory creation, and template loading. Specifically, the loadchathistory function in...
CVE-2024-5982 Path Traversal in gaizhenbiao/chuanhuchatgpt
A path traversal vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability arises from unsanitized input handling in multiple features, including user upload, directory creation, and template loading. Specifically, the loadchathistory function in...
acedeploy (>=2.4.15 <=2.4.115), apache-airflow-providers-snowflake (>=2.4.0 <=2.5.1rc1) +121 more potentially affected by CVE-2024-49750 via snowflake-connector-python (>=1.7.11 <=3.12.2)
snowflake-connector-python PYPI version =1.7.11, =2.4.15, =2.4.0, =0.0.4, =0.1.0, =1.13.21, =20230717.1.0, =0.4.0, =0.1.0, =0.4.0, =0.5.1, =1.0.5, =1.0.6 and more Source cves: CVE-2024-49750 Source advisory: OSV:PYSEC-2024-191...
OpenRefine has a reflected cross-site scripting vulnerability (XSS) from POST request in ExportRowsCommand
Summary The export-rows command can be used in such a way that it reflects part of the request verbatim, with a Content-Type header also taken from the request. An attacker could lead a user to a malicious page that submits a form POST that contains embedded JavaScript code. This code would then ...
GHSA-79JV-5226-783F OpenRefine has a reflected cross-site scripting vulnerability (XSS) from POST request in ExportRowsCommand
Summary The export-rows command can be used in such a way that it reflects part of the request verbatim, with a Content-Type header also taken from the request. An attacker could lead a user to a malicious page that submits a form POST that contains embedded JavaScript code. This code would then ...
BIT-GRAFANA-2023-5122 SSRF in CSV Datasource Plugin
Grafana is an open-source platform for monitoring and observability. The CSV datasource plugin is a Grafana Labs maintained plugin for Grafana that allows for retrieving and processing CSV data from a remote endpoint configured by an administrator. If this plugin was configured to send requests t...
CVE-2024-9987
A post-authentication SQL Injection vulnerability within the filters parameter of the extensions/agentsmodulescsv functionality. This issue affects Pandora FMS: from 700 through 777.3...
CVE-2024-9987 SQL Injection in CSV Module Data Collection
A post-authentication SQL Injection vulnerability within the filters parameter of the extensions/agentsmodulescsv functionality. This issue affects Pandora FMS: from 700 through 777.3...
Pandora FMS SQL injection vulnerability
Pandora FMS is a monitoring system from Pandora FMS, USA. The system monitors networks, servers, virtual infrastructures, applications, etc. through visualization. A security vulnerability exists in Pandora FMS that stems from a post-authentication SQL injection vulnerability in the filters...
CVE-2024-47485
There is a CSV injection vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could build malicious data to generate executable commands in the CSV file...
CVE-2024-47485
CVE-2024-47485 describes a CSV injection vulnerability in some HikCentral Master Lite versions. The CSV injection could allow an attacker to craft data that leads to executable commands when the CSV file is processed. Affected component is the HikCentral Master Lite CSV handling; root cause is in...
CVE-2024-49244 WordPress SV Product Import Export for WooCommerce plugin <= 1.0.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in vrinsoft CSV Product Import Export for WooCommerce csv-wc-product-import-export. This issue affects CSV Product Import Export for WooCommerce: from n/a through <= 1.0.0...
CVE-2024-49244
CVE-2024-49244 describes a SQL Injection in the cmssoft CSV Product Import Export for WooCommerce plugin, affecting versions 1.0.0 and earlier. The vulnerability stems from improper sanitization of input used in SQL commands. Public records (NVD, Red Hat, Patchstack) list the vulnerability with C...
PT-2024-33382 · Cmssoft · Cmssoft Csv Product Import Export For Woocommerce
Name of the Vulnerable Software and Affected Versions: cmssoft CSV Product Import Export for WooCommerce versions 1.0.0 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL...
WordPress plugin CSV Product Import Export for WooCommerce SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A SQL injection vulnerability exists in...
WordPress SV Product Import Export for WooCommerce plugin <= 1.0.0 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin CSV Product Import Export for WooCommerce versions <= 1.0.0...