CVE-2025-2860

SaTECH BCU in its firmware version 2.1.3, allows an authenticated attacker to access information about the credentials that users have within the web .xml file. In order to exploit this vulnerability, the attacker must know the path, regardless of the user's privileges on the website...

Azure File Sync Agent v20.0 Release – February 2025 (KB5041884)

Update Rollup for Azure File Sync agent version 20.0.0.0. For more details, see the associated Microsoft Knowledge Base article...

ServiceNow Public Knowledge Base Detected

ServiceNow offers a knowledge management module to help organizations sharing internal or public information to help in their service usages. This informational plugin detects the presence of public knowledge bases on the target ServiceNow instance. No source data...

CVE-2024-8027

A stored Cross-Site Scripting XSS vulnerability exists in netease-youdao/QAnything. Attackers can upload malicious knowledge files to the knowledge base, which can trigger XSS attacks during user chats. This vulnerability affects all versions prior to the fix...

CVE-2024-10833

eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API. The endpoint for uploading files as 'knowledge' is susceptible to absolute path traversal, allowing attackers to write files to arbitrary locations on the target server. This vulnerability arises...

CVE-2024-10834

eosphoros-ai/db-gpt version 0.6.0 contains a vulnerability in the RAG-knowledge endpoint that allows for arbitrary file write. The issue arises from the ability to pass an absolute path to a call to os.path.join, enabling an attacker to write files to arbitrary locations on the target server. Thi...

CVE-2024-8026

A Cross-Site Request Forgery CSRF vulnerability exists in the backend API of netease-youdao/qanything, as of commit d9ab8bc. The backend server has overly permissive CORS headers, allowing all cross-origin calls. This vulnerability affects all backend endpoints, enabling actions such as creating,...

Uncontrolled Recursion

Overview llama-index-readers-web is a llama-index readers web integration Affected versions of this package are vulnerable to Uncontrolled Recursion via the KnowledgeBaseWebReader class's getarticleurls function. An attacker can trigger a crash by supplying a URL to an object containing an href...

GHSA-J9G7-MQHH-9HXF DB-GPT Absolute Path Traversal in knowledge/{space_name}/document/upload

eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API. The endpoint for uploading files as 'knowledge' is susceptible to absolute path traversal, allowing attackers to write files to arbitrary locations on the target server. This vulnerability arises...

DB-GPT Absolute Path Traversal in knowledge/{space_name}/document/upload

eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API. The endpoint for uploading files as 'knowledge' is susceptible to absolute path traversal, allowing attackers to write files to arbitrary locations on the target server. This vulnerability arises...

CVE-2024-8026

A Cross-Site Request Forgery CSRF vulnerability exists in the backend API of netease-youdao/qanything, as of commit d9ab8bc. The backend server has overly permissive CORS headers, allowing all cross-origin calls. This vulnerability affects all backend endpoints, enabling actions such as creating,...

CVE-2024-8027

A stored Cross-Site Scripting XSS vulnerability exists in netease-youdao/QAnything. Attackers can upload malicious knowledge files to the knowledge base, which can trigger XSS attacks during user chats. This vulnerability affects all versions prior to the fix...

CVE-2024-8027

A stored Cross-Site Scripting XSS vulnerability exists in netease-youdao/QAnything. Attackers can upload malicious knowledge files to the knowledge base, which can trigger XSS attacks during user chats. This vulnerability affects all versions prior to the fix...

CVE-2024-8026

A Cross-Site Request Forgery CSRF vulnerability exists in the backend API of netease-youdao/qanything, as of commit d9ab8bc. The backend server has overly permissive CORS headers, allowing all cross-origin calls. This vulnerability affects all backend endpoints, enabling actions such as creating,...

CVE-2024-10833

eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API. The endpoint for uploading files as 'knowledge' is susceptible to absolute path traversal, allowing attackers to write files to arbitrary locations on the target server. This vulnerability arises...

CVE-2024-10833

eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API. The endpoint for uploading files as 'knowledge' is susceptible to absolute path traversal, allowing attackers to write files to arbitrary locations on the target server. This vulnerability arises...

CVE-2024-10834

eosphoros-ai/db-gpt version 0.6.0 contains a vulnerability in the RAG-knowledge endpoint that allows for arbitrary file write. The issue arises from the ability to pass an absolute path to a call to os.path.join, enabling an attacker to write files to arbitrary locations on the target server. Thi...

CVE-2024-10834

eosphoros-ai/db-gpt version 0.6.0 contains a vulnerability in the RAG-knowledge endpoint that allows for arbitrary file write. The issue arises from the ability to pass an absolute path to a call to os.path.join, enabling an attacker to write files to arbitrary locations on the target server. Thi...

CVE-2024-10834 Arbitrary File Write in eosphoros-ai/db-gpt

eosphoros-ai/db-gpt version 0.6.0 contains a vulnerability in the RAG-knowledge endpoint that allows for arbitrary file write. The issue arises from the ability to pass an absolute path to a call to os.path.join, enabling an attacker to write files to arbitrary locations on the target server. Thi...

CVE-2024-10834

CVE-2024-10834 affects eosphoros-ai/db-gpt version 0.6.0, with a vulnerability in the RAG-knowledge endpoint that permits arbitrary file write by passing an absolute path to os.path.join via doc_file.filename. Attackers could write to arbitrary locations on the target server, potentially overwrit...