Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-0026

Malicious code in bioql PyPI...

9.1CVSS6.4AI score0.13092EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/02/05 2:56 a.m.10 views

CVE-2024-6255

A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to delete any JSON file on the server, including critical configuration files such as config.json and dsconfigchatbot.json. This issue arises due to improper validation of file paths, enabling...

9.1CVSS6.8AI score0.13092EPSS
Exploits1References1
Veracode
Veracode
added 2024/10/08 6:40 a.m.10 views

Path Traversal

agnai is vulnerable to Path Traversal. The vulnerability is due to improper input validation in JSON file handling, allowing attackers to read arbitrary JSON files at attacker-chosen locations on the server. This can lead to unauthorized access to sensitive information exposure...

4.3CVSS6.4AI score0.00468EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/07/31 1:15 a.m.16 views

CVE-2024-6255

A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to delete any JSON file on the server, including critical configuration files such as config.json and dsconfigchatbot.json. This issue arises due to improper validation of file paths, enabling...

9.1CVSS9.2AI score
Exploits0References1
CVE
CVE
added 2024/07/31 12:0 a.m.59 views

CVE-2024-6255

GAIZHENBIAO/CHUANHUCHATGPT 20240410 suffers a directory-traversal vulnerability in its JSON file handling, enabling deletion of arbitrary server JSON files (e.g., config.json, ds_config_chatbot.json). Root cause: improper validation of file paths. Impact: potential disruption of the system, manip...

9.1CVSS8.2AI score0.13092EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/07/31 12:0 a.m.34 views

CVE-2024-6255 Path Traversal in gaizhenbiao/chuanhuchatgpt

A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to delete any JSON file on the server, including critical configuration files such as config.json and dsconfigchatbot.json. This issue arises due to improper validation of file paths, enabling...

8.2CVSS0.13092EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/07/31 12:0 a.m.18 views

CVE-2024-6255 Path Traversal in gaizhenbiao/chuanhuchatgpt

A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to delete any JSON file on the server, including critical configuration files such as config.json and dsconfigchatbot.json. This issue arises due to improper validation of file paths, enabling...

8.2CVSS8.9AI score0.13092EPSS
Exploits1References1
Microsoft CVE
Microsoft CVE
added 2020/09/08 7:0 a.m.48 views

Visual Studio JSON Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into opening a malicious 'package.json' file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...

9.3CVSS2.4AI score0.05365EPSS
Exploits0
Rows per page
Query Builder