Lucene search
+L

5 matches found

OSV
OSV
added 2022/07/11 1:15 a.m.4 views

CVE-2022-31568

The Rexians/rex-web repository through 2022-06-05 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS5.8AI score0.01242EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/07/11 1:15 a.m.2 views

CVE-2022-31568

The Rexians/rex-web repository through 2022-06-05 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS5.3AI score0.01242EPSS
Exploits1References2
Prion
Prion
added 2022/07/11 1:15 a.m.11 views

Path traversal

The Rexians/rex-web repository through 2022-06-05 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

6.4CVSS9.3AI score0.01242EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/07/11 1:0 a.m.64 views

CVE-2022-31568

The CVE-2022-31568 entry concerns the Rexians/rex-web project, where absolute path traversal is possible due to unsafe use of Flask send_file. This is confirmed across sources (NVD, Red Hat, CVE List, CNNVD) with descriptions indicating the vulnerability stems from improper handling of file paths...

9.3CVSS9.3AI score0.01242EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/07/11 12:0 a.m.5 views

rex-web 路径遍历漏洞

rex-web is a Rexians community website open-sourced by Rexians. A security vulnerability exists in rex-web, which stems from an insecure use of the Flask sendfile function...

9.3CVSS8.3AI score0.01242EPSS
Exploits1References2
Rows per page
Query Builder