4 matches found
CVE-2024-6433
The application zips all the files in the folder specified by the user, which allows an attacker to read arbitrary files on the system by providing a crafted path. This vulnerability can be exploited by sending a request to the application with a malicious snapshotpath parameter...
CVE-2024-6433
creationtimestamp| type| source ---|---|--- 2024-07-10 03:47:58+00:00| seen| https://t.me/cvedetector/492...
CVE-2024-6433
CVE-2024-6433 pertains to the Devika/stitionai/devika vulnerability described as Local File Inclusion. The issue arises when the application zips the user-specified folder, enabling an attacker to read arbitrary system files by supplying a crafted path through the snapshot_path parameter. Public ...
CVE-2024-6433 Local File Inclusion in stitionai/devika
The application zips all the files in the folder specified by the user, which allows an attacker to read arbitrary files on the system by providing a crafted path. This vulnerability can be exploited by sending a request to the application with a malicious snapshotpath parameter...