EUVD-2024-2610

Malicious code in bioql PyPI...

CVE-2024-42485

Filament Excel enables excel export for Filament admin resources. The export download route /filament-excel/path allowed downloading any file without login when the webserver allows ../ in the URL. Patched with Version v2.3.3...

Path Traversal

Filament Excel is vulnerable to Path Traversal. The vulnerability is due to improper validation of file paths in the export download route '/filament-excel/path', allowing the use of ../ to navigate directories and access unauthorized files...

GHSA-M3PX-VJXR-FX4M Filament Excel Vulnerable to Path Traversal Attack on Export Download Endpoint

Impact The export download route /filament-excel/path allowed downloading any file without login when the webserver allows ../ in the URL. Patches Patched with Version v2.3.3 Credits Thanks to Kevin Pohl for reporting this...

Filament Excel Vulnerable to Path Traversal Attack on Export Download Endpoint

Impact The export download route /filament-excel/path allowed downloading any file without login when the webserver allows ../ in the URL. Patches Patched with Version v2.3.3 Credits Thanks to Kevin Pohl for reporting this...

CVE-2024-42485

Filament Excel enables excel export for Filament admin resources. The export download route /filament-excel/path allowed downloading any file without login when the webserver allows ../ in the URL. Patched with Version v2.3.3...

CVE-2024-42485 Filament Excel Vulnerable to Path Traversal Attack on Export Download Endpoint

Filament Excel enables excel export for Filament admin resources. The export download route /filament-excel/path allowed downloading any file without login when the webserver allows ../ in the URL. Patched with Version v2.3.3...

CVE-2024-42485 Filament Excel Vulnerable to Path Traversal Attack on Export Download Endpoint

Filament Excel enables excel export for Filament admin resources. The export download route /filament-excel/path allowed downloading any file without login when the webserver allows ../ in the URL. Patched with Version v2.3.3...

CVE-2024-42485

CVE-2024-42485 affects Filament Excel. The vulnerability exists in the export download route /filament-excel/{path}, where an attacker could leverage directory traversal using ../ to download arbitrary files without authentication when the webserver allows such paths. This could disclose sensitiv...

CVE-2024-42485 Filament Excel Vulnerable to Path Traversal Attack on Export Download Endpoint

Filament Excel enables excel export for Filament admin resources. The export download route /filament-excel/path allowed downloading any file without login when the webserver allows ../ in the URL. Patched with Version v2.3.3...

PT-2024-29982 · Unknown · Filament Excel

Name of the Vulnerable Software and Affected Versions: Filament Excel versions prior to v2.3.3 Description: The export download route "/filament-excel/path" allowed downloading any file without login when the webserver allows ../ in the URL. This issue was reported by Kevin Pohl. Recommendations:...

Filament Excel 安全漏洞

Filament Excel is a tool by Dennis Koch, a personal developer. Easily configure Excel exports in Filament through batch or page operations. A security vulnerability exists in Filament Excel that stems from allowing any file to be downloaded without logging in...