4 matches found
CVE-2024-9919
A missing authentication check in the uninstall endpoint of parisneo/lollms-webui V13 allows attackers to perform unauthorized directory deletions. The /uninstall/appname API endpoint does not call the checkaccess function to verify the clientid, enabling attackers to delete directories without...
CVE-2024-9919 Missing Authentication Check in parisneo/lollms-webui
A missing authentication check in the uninstall endpoint of parisneo/lollms-webui V13 allows attackers to perform unauthorized directory deletions. The /uninstall/appname API endpoint does not call the checkaccess function to verify the clientid, enabling attackers to delete directories without...
HCL Technologies HCL Sametime File Upload Vulnerability
HCL Sametime, a conferencing solution from HCL Technologies, has a security vulnerability in HCL Technologies HCL Sametime version 11.6. The vulnerability stems from the fact that the user SID in the application can be modified, which can be exploited to modify the SID to enable arbitrary file...
HCL Technologies HCL Sametime 代码问题漏洞
HCL Sametime, a conferencing solution from HCL Technologies, has a security vulnerability in HCL Technologies HCL Sametime version 11.6. The vulnerability stems from the fact that the user SID in the application can be modified, which can be exploited to modify the SID to enable arbitrary file...