Lucene search
+L

7 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 3:50 a.m.8 views

CVE-2024-27292

Docassemble is an expert system for guided interviews and document assembly. The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. The vulnerability has been patched in version 1.4.97 of the mast...

7.5CVSS6.7AI score0.69486EPSS
Exploits2References1
GithubExploit
GithubExploit
added 2024/12/21 3:35 a.m.468 views

Exploit for CVE-2024-27292

Docassemblepoc Docassemble任意文件读取漏洞CVE-2024-27292 python D...

7.5CVSS7AI score0.69486EPSS
Exploits2
Circl
Circl
added 2024/07/01 11:7 a.m.7 views

CVE-2024-27292

creationtimestamp| type| source ---|---|--- 2024-07-01 11:07:29+00:00| published-proof-of-concept| https://t.me/thebugbountyhunter/8887 2024-07-06 17:27:40+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/10791 2024-07-09 10:22:28+00:00| published-proof-of-concept|...

7.5CVSS7.2AI score0.69486EPSS
Exploits2References6
vulnersOsv
vulnersOsv
added 2024/02/29 10:14 p.m.6 views

docassemble-stubs (=1.4.72b1) potentially affected by CVE-2024-27292 via docassemble-base (=1.4.72)

docassemble-base PYPI version =1.4.72 is affected by a known vulnerability. The following packages have a transitive dependency on docassemble-base and may be impacted: - docassemble-stubs =1.4.72b1 Source cves: CVE-2024-27292 Source advisory: OSV:GHSA-JQ57-3W7P-VWVV...

7.5CVSS7.1AI score0.69486EPSS
Exploits2
CVE
CVE
added 2024/02/29 9:56 p.m.177 views

CVE-2024-27292

Docassemble (1.4.53–1.4.96) is affected by CVE-2024-27292: an unauthenticated information disclosure via URL manipulation in the interview endpoint. The issue enables reading arbitrary server information; patch is available in version 1.4.97 of the master branch. The vulnerability has CVSS 3.1 ba...

7.5CVSS7.5AI score0.69486EPSS
Exploits2References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/29 9:56 p.m.24 views

CVE-2024-27292 Docassemble unauthorized access through URL manipulation

Docassemble is an expert system for guided interviews and document assembly. The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. The vulnerability has been patched in version 1.4.97 of the mast...

7.5CVSS6.7AI score0.69486EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2017/09/26 12:0 a.m.2700 views

Generic HTTP Directory Traversal / File Inclusion (Web Application URL Parameter) - Active Check

Generic check for HTTP directory traversal / file inclusion vulnerabilities within URL parameters of the remote web application. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

10CVSS6.7AI score0.82036EPSS
Exploits108References4
Rows per page
Query Builder