CVE-2024-1601

An SQL injection vulnerability exists in the deletediscussion function of the parisneo/lollms-webui application, allowing an attacker to delete all discussions and message data. The vulnerability is exploitable via a crafted HTTP POST request to the /deletediscussion endpoint, which internally...

CVE-2024-1601

An SQL injection vulnerability exists in the deletediscussion function of the parisneo/lollms-webui application, allowing an attacker to delete all discussions and message data. The vulnerability is exploitable via a crafted HTTP POST request to the /deletediscussion endpoint, which internally...

CVE-2024-1601

CVE-2024-1601 affects parisneo/lollms-webui; an SQL injection exists in delete_discussion() exploitable via a crafted POST to /delete_discussion with a malicious id parameter, allowing deletion of all records in the discussion and message tables. Impact is data loss; reports indicate this can be ...

CVE-2024-1601 SQL Injection in parisneo/lollms-webui

An SQL injection vulnerability exists in the deletediscussion function of the parisneo/lollms-webui application, allowing an attacker to delete all discussions and message data. The vulnerability is exploitable via a crafted HTTP POST request to the /deletediscussion endpoint, which internally...

LoLLMs SQL注入漏洞

LoLLMs is a Web UI for a large language multimodal system by the individual developer Saifeddine ALOUI. LoLLMs suffers from a SQL injection vulnerability that stems from improper neutralization of special elements used in SQL commands, which allows an attacker to send a carefully crafted HTTP POS...