5 matches found
CVE-2024-5548
A directory traversal vulnerability exists in the stitionai/devika repository, specifically within the /api/download-project endpoint. Attackers can exploit this vulnerability by manipulating the 'projectname' parameter in a GET request to download arbitrary files from the system. This issue...
CVE-2024-5548
A directory traversal vulnerability exists in the stitionai/devika repository, specifically within the /api/download-project endpoint. Attackers can exploit this vulnerability by manipulating the 'projectname' parameter in a GET request to download arbitrary files from the system. This issue...
CVE-2024-5548 Directory Traversal in stitionai/devika
A directory traversal vulnerability exists in the stitionai/devika repository, specifically within the /api/download-project endpoint. Attackers can exploit this vulnerability by manipulating the 'projectname' parameter in a GET request to download arbitrary files from the system. This issue...
CVE-2024-5548 Directory Traversal in stitionai/devika
A directory traversal vulnerability exists in the stitionai/devika repository, specifically within the /api/download-project endpoint. Attackers can exploit this vulnerability by manipulating the 'projectname' parameter in a GET request to download arbitrary files from the system. This issue...
CVE-2024-5548
Summary (CVE-2024-5548): A directory traversal vulnerability exists in the stitionai/devika repository, affecting the /api/download-project endpoint. The flaw stems from insufficient input validation in the download_project function, when handling the project_name parameter, enabling an attacker ...