5164 matches found
PT-2024-25631 · Moodle +2 · Moodle +2
Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified Description: In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore workshop modules and direct access to the web...
Moodle < 4.1.10, 4.2.x < 4.2.7, 4.3.x < 4.3.4 Multiple Vulnerabilities
Moodle is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:moodle:moodle"; ifdescription...
Gradio Path Traversal vulnerability
A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request...
CVE-2024-0964
A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request...
PYSEC-2024-261
A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request...
CVE-2024-0964
A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request...
Cross site request forgery (csrf)
A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request...
CVE-2024-0964 LFI in Gradio
A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request...
CVE-2024-0964
CVE-2024-0964 describes a local-file-inclusion vulnerability in Gradio caused by a vulnerable user-supplied JSON value in an API request. Affected software is the Gradio Python library (noted in multiple sources referencing gradio-app/gradio). The underlying issue is a path traversal/LFI risk tri...
CVE-2024-0964 LFI in Gradio
A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request...
PT-2024-15944
Name of the Vulnerable Software and Affected Versions Gradio affected versions not specified Description A local file include could be remotely triggered due to a vulnerable user-supplied JSON value in an API request. This issue allows for the potential inclusion of local files, which could lead ...
CVE-2023-6020 Ray Static File Local File Include
LFI in Ray's /static/ directory allows attackers to read any file on the server without authentication...
CVE-2023-6013
H2O is vulnerable to stored XSS vulnerability which can lead to a Local File Include attack...
CVE-2023-6013
H2O is vulnerable to stored XSS vulnerability which can lead to a Local File Include attack...
Cross site scripting
H2O is vulnerable to stored XSS vulnerability which can lead to a Local File Include attack...
CVE-2023-6021 Ray Log File Local File Include
LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication. The issue is fixed in version 2.8.1+. Ray maintainers' response can be found here:...
CVE-2023-6013 H2O Local File Include
H2O is vulnerable to stored XSS vulnerability which can lead to a Local File Include attack...
CVE-2023-6013 H2O Local File Include
H2O is vulnerable to stored XSS vulnerability which can lead to a Local File Include attack...
CVE-2023-6013
CVE-2023-6013 affects H2O with a stored XSS vulnerability that can lead to a Local File Include attack. Affected component is H2O’s web layer handling inputs, with the underlying issue described as stored XSS in multiple feeds and pages. Impact stated in sources includes potential exposure of loc...
CVE-2023-6023 ModelDB Local File Include
An attacker can read any file on the filesystem on the server hosting ModelDB through an LFI in the artifactpath URL parameter...