8 matches found
EUVD-2024-0026
Malicious code in bioql PyPI...
CVE-2024-6255
A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to delete any JSON file on the server, including critical configuration files such as config.json and dsconfigchatbot.json. This issue arises due to improper validation of file paths, enabling...
Path Traversal
agnai is vulnerable to Path Traversal. The vulnerability is due to improper input validation in JSON file handling, allowing attackers to read arbitrary JSON files at attacker-chosen locations on the server. This can lead to unauthorized access to sensitive information exposure...
CVE-2024-6255
A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to delete any JSON file on the server, including critical configuration files such as config.json and dsconfigchatbot.json. This issue arises due to improper validation of file paths, enabling...
CVE-2024-6255
GAIZHENBIAO/CHUANHUCHATGPT 20240410 suffers a directory-traversal vulnerability in its JSON file handling, enabling deletion of arbitrary server JSON files (e.g., config.json, ds_config_chatbot.json). Root cause: improper validation of file paths. Impact: potential disruption of the system, manip...
CVE-2024-6255 Path Traversal in gaizhenbiao/chuanhuchatgpt
A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to delete any JSON file on the server, including critical configuration files such as config.json and dsconfigchatbot.json. This issue arises due to improper validation of file paths, enabling...
CVE-2024-6255 Path Traversal in gaizhenbiao/chuanhuchatgpt
A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to delete any JSON file on the server, including critical configuration files such as config.json and dsconfigchatbot.json. This issue arises due to improper validation of file paths, enabling...
Visual Studio JSON Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into opening a malicious 'package.json' file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...