5 matches found
EUVD-2025-7071
Malicious code in bioql PyPI...
CVE-2024-11031
In version 3.83 of binary-husky/gptacademic, a Server-Side Request Forgery SSRF vulnerability exists in the MarkdownTranslate.getfilesfromeverything API. This vulnerability is exploited through the HotReloadMarkdown翻译中 plugin function, which allows downloading arbitrary web hosts by only checking...
CVE-2024-11031
In version 3.83 of binary-husky/gptacademic, a Server-Side Request Forgery SSRF vulnerability exists in the MarkdownTranslate.getfilesfromeverything API. This vulnerability is exploited through the HotReloadMarkdown翻译中 plugin function, which allows downloading arbitrary web hosts by only checking...
CVE-2024-11030
GPT Academic version 3.83 is vulnerable to a Server-Side Request Forgery SSRF vulnerability through its HotReload plugin function, which calls the crazyutils.getfilesfromeverything API without proper sanitization. This allows attackers to exploit the vulnerability to abuse the victim GPT Academic...
CVE-2024-11030
GPT Academic version 3.83 is affected by a Server-Side Request Forgery (SSRF) in the HotReload plugin. The vulnerability arises when HotReload calls crazy_utils.get_files_from_everything() without proper input sanitization, enabling an attacker to misuse the Gradio Web server’s credentials to acc...