4 matches found
CVE-2024-10047
parisneo/lollms-webui versions v9.9 to the latest are vulnerable to a directory listing vulnerability. An attacker can list arbitrary directories on a Windows system by sending a specially crafted HTTP request to the /openfile endpoint...
CVE-2024-10047
parisneo/lollms-webui versions v9.9 to the latest are vulnerable to a directory listing vulnerability. An attacker can list arbitrary directories on a Windows system by sending a specially crafted HTTP request to the /openfile endpoint...
CVE-2024-10047
CVE-2024-10047 affects parisneo/lollms-webui, versions from v9.9 to the latest. The issue is a directory listing vulnerability exposed via the /open_file endpoint, allowing an attacker to enumerate arbitrary directories on a Windows system. The vulnerability details across connected sources confi...
CVE-2024-10047 Directory Listing Vulnerability in parisneo/lollms-webui
parisneo/lollms-webui versions v9.9 to the latest are vulnerable to a directory listing vulnerability. An attacker can list arbitrary directories on a Windows system by sending a specially crafted HTTP request to the /openfile endpoint...