Lucene search
K

5 matches found

NVD
NVD
added 2024/06/27 6:15 p.m.28 views

CVE-2024-5547

A directory traversal vulnerability exists in the /api/download-project-pdf endpoint of the stitionai/devika repository, affecting the latest version. The vulnerability arises due to insufficient sanitization of the 'projectname' parameter in the downloadprojectpdf function. Attackers can exploit...

7.5CVSS0.01EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/06/27 5:33 p.m.24 views

CVE-2024-5547 Directory Traversal in stitionai/devika

A directory traversal vulnerability exists in the /api/download-project-pdf endpoint of the stitionai/devika repository, affecting the latest version. The vulnerability arises due to insufficient sanitization of the 'projectname' parameter in the downloadprojectpdf function. Attackers can exploit...

7.5CVSS0.01EPSS
Exploits1References2
CVE
CVE
added 2024/06/27 5:33 p.m.55 views

CVE-2024-5547

CVE-2024-5547 is a directory traversal vulnerability in the stitionai/devika repository, exposed via the GET /api/download-project-pdf endpoint. The issue stems from insufficient sanitization of the project_name parameter in the download_project_pdf function, enabling an attacker to manipulate th...

7.5CVSS7.4AI score0.01EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/27 5:33 p.m.11 views

CVE-2024-5547 Directory Traversal in stitionai/devika

A directory traversal vulnerability exists in the /api/download-project-pdf endpoint of the stitionai/devika repository, affecting the latest version. The vulnerability arises due to insufficient sanitization of the 'projectname' parameter in the downloadprojectpdf function. Attackers can exploit...

7.5CVSS7.4AI score0.01EPSS
Exploits1References2
OSV
OSV
added 2024/06/27 5:33 p.m.18 views

CVE-2024-5547 Directory Traversal in stitionai/devika

A directory traversal vulnerability exists in the /api/download-project-pdf endpoint of the stitionai/devika repository, affecting the latest version. The vulnerability arises due to insufficient sanitization of the 'projectname' parameter in the downloadprojectpdf function. Attackers can exploit...

7.5CVSS7AI score0.01EPSS
Exploits1References4
Rows per page
Query Builder