7 matches found
CVE-2024-27292
Docassemble is an expert system for guided interviews and document assembly. The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. The vulnerability has been patched in version 1.4.97 of the mast...
Exploit for CVE-2024-27292
Docassemblepoc Docassemble任意文件读取漏洞CVE-2024-27292 python D...
CVE-2024-27292
creationtimestamp| type| source ---|---|--- 2024-07-01 11:07:29+00:00| published-proof-of-concept| https://t.me/thebugbountyhunter/8887 2024-07-06 17:27:40+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/10791 2024-07-09 10:22:28+00:00| published-proof-of-concept|...
docassemble-stubs (=1.4.72b1) potentially affected by CVE-2024-27292 via docassemble-base (=1.4.72)
docassemble-base PYPI version =1.4.72 is affected by a known vulnerability. The following packages have a transitive dependency on docassemble-base and may be impacted: - docassemble-stubs =1.4.72b1 Source cves: CVE-2024-27292 Source advisory: OSV:GHSA-JQ57-3W7P-VWVV...
CVE-2024-27292
Docassemble (1.4.53–1.4.96) is affected by CVE-2024-27292: an unauthenticated information disclosure via URL manipulation in the interview endpoint. The issue enables reading arbitrary server information; patch is available in version 1.4.97 of the master branch. The vulnerability has CVSS 3.1 ba...
CVE-2024-27292 Docassemble unauthorized access through URL manipulation
Docassemble is an expert system for guided interviews and document assembly. The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. The vulnerability has been patched in version 1.4.97 of the mast...
Generic HTTP Directory Traversal / File Inclusion (Web Application URL Parameter) - Active Check
Generic check for HTTP directory traversal / file inclusion vulnerabilities within URL parameters of the remote web application. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...