Lucene search
K

5 matches found

OSV
OSV
added 2023/10/22 10:15 p.m.4 views

CVE-2023-46315

The zanllp sd-webui-infinite-image-browsing aka Infinite Image Browsing extension before 977815a for stable-diffusion-webui aka Stable Diffusion web UI, if Gradio authentication is enabled without secret key configuration, allows remote attackers to read any local file via /file?path= in the URL,...

7.5CVSS5.8AI score0.00572EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/10/22 10:15 p.m.5 views

CVE-2023-46315

The zanllp sd-webui-infinite-image-browsing aka Infinite Image Browsing extension before 977815a for stable-diffusion-webui aka Stable Diffusion web UI, if Gradio authentication is enabled without secret key configuration, allows remote attackers to read any local file via /file?path= in the URL,...

7.5CVSS5.8AI score0.00572EPSS
Exploits0References3
Prion
Prion
added 2023/10/22 10:15 p.m.17 views

Authentication flaw

The zanllp sd-webui-infinite-image-browsing aka Infinite Image Browsing extension before 977815a for stable-diffusion-webui aka Stable Diffusion web UI, if Gradio authentication is enabled without secret key configuration, allows remote attackers to read any local file via /file?path= in the URL,...

5CVSS7.6AI score0.00572EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/10/22 12:0 a.m.48 views

CVE-2023-46315

The CVE-2023-46315 issue affects the sd-webui-infinite-image-browsing extension for stable-diffusion-webui up to version 977815a. If Gradio authentication is enabled without a secret key, an unauthenticated remote attacker can read local files via the /file?path= endpoint, with demonstrations inc...

7.5CVSS7.5AI score0.00572EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/10/22 12:0 a.m.24 views

CVE-2023-46315

The zanllp sd-webui-infinite-image-browsing aka Infinite Image Browsing extension before 977815a for stable-diffusion-webui aka Stable Diffusion web UI, if Gradio authentication is enabled without secret key configuration, allows remote attackers to read any local file via /file?path= in the URL,...

7.8AI score0.00572EPSS
Exploits0References2
Rows per page
Query Builder