Lucene search
K

5 matches found

vulnersOsv
vulnersOsv
added 2024/01/13 6:30 a.m.2 views

projects-manager (>=0.8.3.3 <=0.8.3.4) potentially affected by CVE-2023-52289 via flaskcode (=0.0.8)

flaskcode PYPI version =0.0.8 is affected by a known vulnerability. The following packages have a transitive dependency on flaskcode and may be impacted: - projects-manager =0.8.3.3, =0.8.3.4 Source cves: CVE-2023-52289 Source advisory: OSV:GHSA-V3RG-QM46-XRG9...

7.5CVSS7.1AI score0.00718EPSS
Exploits0
NVD
NVD
added 2024/01/13 4:15 a.m.22 views

CVE-2023-52289

An issue was discovered in the flaskcode package through 0.0.8 for Python. An unauthenticated directory traversal, exploitable with a POST request to a /update-resource-data/ URI from views.py, allows attackers to write to arbitrary files...

7.5CVSS7.7AI score0.00718EPSS
Exploits0References1
CVE
CVE
added 2024/01/13 12:0 a.m.50 views

CVE-2023-52289

The CVE-2023-52289 entry affects the Python package flaskcode up to version 0.0.8. Affected component: the /update-resource-data/ endpoint (views.py) in Flaskcode. Root cause: unauthenticated directory traversal that allows writing to arbitrary files. Impact: high, via a network-exposed POST requ...

7.5CVSS7.6AI score0.00718EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/13 12:0 a.m.26 views

CVE-2023-52289

An issue was discovered in the flaskcode package through 0.0.8 for Python. An unauthenticated directory traversal, exploitable with a POST request to a /update-resource-data/ URI from views.py, allows attackers to write to arbitrary files...

7AI score0.00718EPSS
Exploits0References1
OSV
OSV
added 2024/01/13 12:0 a.m.16 views

CVE-2023-52289

An issue was discovered in the flaskcode package through 0.0.8 for Python. An unauthenticated directory traversal, exploitable with a POST request to a /update-resource-data/ URI from views.py, allows attackers to write to arbitrary files...

7.5CVSS7.7AI score0.00718EPSS
Exploits0References3
Rows per page
Query Builder