Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 5:15 a.m.6 views

CVE-2024-1520

An OS Command Injection vulnerability exists in the '/opencodefolder' endpoint of the parisneo/lollms-webui application, due to improper validation of user-supplied input in the 'discussionid' parameter. Attackers can exploit this vulnerability by injecting malicious OS commands, leading to...

9.8CVSS7.3AI score0.48214EPSS
Exploits1References1
NVD
NVD
added 2024/04/10 5:15 p.m.8 views

CVE-2024-1520

An OS Command Injection vulnerability exists in the '/opencodefolder' endpoint of the parisneo/lollms-webui application, due to improper validation of user-supplied input in the 'discussionid' parameter. Attackers can exploit this vulnerability by injecting malicious OS commands, leading to...

9.8CVSS9.5AI score0.48214EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/04/10 5:8 p.m.11 views

CVE-2024-1520 OS Command Injection in parisneo/lollms-webui

An OS Command Injection vulnerability exists in the '/opencodefolder' endpoint of the parisneo/lollms-webui application, due to improper validation of user-supplied input in the 'discussionid' parameter. Attackers can exploit this vulnerability by injecting malicious OS commands, leading to...

9.8CVSS9.4AI score0.48214EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/04/10 5:8 p.m.20 views

CVE-2024-1520 OS Command Injection in parisneo/lollms-webui

An OS Command Injection vulnerability exists in the '/opencodefolder' endpoint of the parisneo/lollms-webui application, due to improper validation of user-supplied input in the 'discussionid' parameter. Attackers can exploit this vulnerability by injecting malicious OS commands, leading to...

9.8CVSS9.7AI score0.48214EPSS
Exploits1References2
CVE
CVE
added 2024/04/10 5:8 p.m.85 views

CVE-2024-1520

The CVE-2024-1520 entry concerns an OS command injection in parisneo/lollms-webui, via improper validation of the discussion_id parameter on the /open_code_folder endpoint. Affected component is the web UI’s input handling, allowing an attacker to inject OS commands and achieve remote code execut...

9.8CVSS9.3AI score0.48214EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2024/04/10 5:8 p.m.19 views

CVE-2024-1520 OS Command Injection in parisneo/lollms-webui

An OS Command Injection vulnerability exists in the '/opencodefolder' endpoint of the parisneo/lollms-webui application, due to improper validation of user-supplied input in the 'discussionid' parameter. Attackers can exploit this vulnerability by injecting malicious OS commands, leading to...

9.8CVSS7.3AI score0.48214EPSS
Exploits1References4
Rows per page
Query Builder