3 matches found
VulnCheck KEV: CVE-2023-35843
NocoDB through 0.106.0 or 0.109.1 has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on the server by manipulating the path parameter of the /download route. This vulnerability could allow an attacker to access sensitive files and data on the...
CVE-2023-35843
NocoDB is affected by a path traversal vulnerability affecting versions up to 0.106.0 (and in some references up to 0.109.1). An unauthenticated attacker can access arbitrary server files by manipulating the path parameter of the /download route, potentially exposing configuration files, source c...
CVE-2023-35843
NocoDB through 0.106.0 or 0.109.1 has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on the server by manipulating the path parameter of the /download route. This vulnerability could allow an attacker to access sensitive files and data on the...