Lucene search
K

6 matches found

EUVD
EUVD
added 2026/05/05 6:33 p.m.5 views

EUVD-2026-27408

A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function getfileid of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Uploaded File Handler. Performing a manipulation results in insufficiently rando...

2.6CVSS4.9AI score0.00235EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/02/11 12:0 a.m.25 views

CVE-2024-50617

Vulnerabilities in the File Download and Get File handler components in CIPPlanner CIPAce before 9.17 allow attackers to download unauthorized files. An authenticated user can easily change the file id parameter or pass the physical file path in the URL query string to retrieve the files. Retriev...

0.00232EPSS
Exploits0References1
NVD
NVD
added 2025/11/30 11:15 a.m.6 views

CVE-2025-13787

A flaw has been found in ZenTao up to 21.7.6-8564. The affected element is the function file::delete of the file module/file/control.php of the component File Handler. Executing manipulation of the argument fileID can lead to improper privilege management. It is possible to launch the attack...

9.1CVSS0.00328EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/11/30 12:0 a.m.14 views

PT-2025-48389

Name of the Vulnerable Software and Affected Versions ZenTao versions up to 21.7.6-8564 Description A flaw exists in ZenTao related to improper privilege management. The issue is located in the file::delete function within the module/file/control.php file of the File Handler component. Manipulati...

9.1CVSS5.3AI score0.00328EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2025/01/30 12:0 a.m.4 views

PT-2025-4031 · Embedai · Embedai

Name of the Vulnerable Software and Affected Versions: EmbedAI versions 2.1 and below Description: An Improper Access Control issue allows an authenticated attacker to obtain files stored by other users by modifying the FILE ID of the endpoint "/embedai/files/show/". Recommendations: For EmbedAI...

5.8CVSS6.2AI score0.00266EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/11/03 12:0 a.m.4 views

WisdomGarden Tronclass ilearn Security Breach

WisdomGarden Tronclass ilearn is a teaching platform from WisdomGarden. A security vulnerability exists in WisdomGarden Tronclass ilearn. The vulnerability stems from the uploading of files without proper privilege control, which allows a remote attacker to log in with general privileges, change...

6.5CVSS6.8AI score0.00855EPSS
Exploits0References2
Rows per page
Query Builder