Chuanhu Chat - Directory Traversal

The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its use of an outdated gradio component. The application is designed to restrict user access to resources within the webassets folder. However, the outdated version of gradio it employs is susceptible to pa...

ABB B&R Automation Studio

SUMMARY ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is available that replaces an outdated third-party component. Although no successful exploitation was observed during testing of the affected B&R products, the identified...

EUVD-2020-23231

Malware in sbrugna...

EUVD-2025-18995

Malicious code in bioql PyPI...

Gogs XSS allowed by stored call in PDF renderer

Summary A stored XSS is present in Gogs which allows client-side Javascript code execution. Details Gogs Version: docker images REPOSITORY TAG IMAGE ID CREATED SIZE gogs/gogs latest fe92583bc4fe 10 hours ago 99.3MB Application version: 0.14.0+dev Local setup using: bash Pull image from Docker Hub...

CVE-2025-47943

Gogs is an open source self-hosted Git service. In application version 0.14.0+dev and prior, there is a stored cross-site scripting XSS vulnerability present in Gogs, which allows client-side Javascript code execution. The vulnerability is caused by the usage of a vulnerable and outdated componen...

CVE-2020-35564

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an outdated and unused component allowing for malicious user input of active code...

CVE-2024-3234

The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its use of an outdated gradio component. The application is designed to restrict user access to resources within the webassets folder. However, the outdated version of gradio it employs is susceptible to pa...

CVE-2024-3234 Path Traversal in gaizhenbiao/chuanhuchatgpt

The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its use of an outdated gradio component. The application is designed to restrict user access to resources within the webassets folder. However, the outdated version of gradio it employs is susceptible to pa...

CVE-2024-3234

CVE-2024-3234 – Path traversal in gaizhenbiao/chuanhuchatgpt is due to an outdated Gradio component that permits traversal outside the restricted web_assets folder. The NVD/Nuclei/OSV records connect this to CVE-2023-51449 and describe that an attacker could bypass access restrictions and reach s...

PT-2024-24518 · Unknown +1 · Gaizhenbiao/Chuanhuchatgpt +1

Name of the Vulnerable Software and Affected Versions: gaizhenbiao/chuanhuchatgpt versions prior to the fixed version released on 20240305 Description: The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its use of an outdated gradio component. This...

CVE-2020-35564

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an outdated and unused component allowing for malicious user input of active code...

CVE-2020-35564

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an outdated and unused component allowing for malicious user input of active code...

Code injection

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an outdated and unused component allowing for malicious user input of active code...

CVE-2020-35564

MB CONNECT LINE’s MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 (affected up to v2.6.2) contain an outdated, unused component that allows malicious input of active code. This CVE (CVE-2020-35564) is documented with a CVSS v3 base score of 7.5 (HIGH) and describes remote, unauthenticated risk due ...

CVE-2020-35564

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an outdated and unused component allowing for malicious user input of active code...