11 matches found
EUVD-2026-43227
Crawl4AI before 0.8.7 contains an arbitrary file write vulnerability in the Docker API server's /screenshot and /pdf endpoints. The outputpath parameter accepts arbitrary filesystem paths without validation, allowing an attacker to supply absolute or path-traversal values to write to any location...
PYSEC-0000-CVE-2026-56258
Crawl4AI before 0.8.8 contains an arbitrary file write vulnerability in the screenshot and PDF endpoints that allows unauthenticated attackers to write files outside the intended directory via symlink and time-of-check-time-of-use TOCTOU attacks on the outputpath parameter. Remote attackers can...
CVE-2026-56258
Crawl4AI before 0.8.8 contains an arbitrary file write vulnerability in the screenshot and PDF endpoints that allows unauthenticated attackers to write files outside the intended directory via symlink and time-of-check-time-of-use TOCTOU attacks on the outputpath parameter. Remote attackers can...
CVE-2026-56258
Crawl4AI before 0.8.8 contains an arbitrary file write vulnerability in the screenshot and PDF endpoints that allows unauthenticated attackers to write files outside the intended directory via symlink and time-of-check-time-of-use TOCTOU attacks on the outputpath parameter. Remote attackers can...
EUVD-2026-38432
Crawl4AI before 0.8.8 contains an arbitrary file write vulnerability in the screenshot and PDF endpoints that allows unauthenticated attackers to write files outside the intended directory via symlink and time-of-check-time-of-use TOCTOU attacks on the outputpath parameter. Remote attackers can...
CVE-2026-56258
CVE-2026-56258 affects Crawl4AI prior to 0.8.8. An arbitrary file write exists in the screenshot and PDF endpoints via output_path, exploiting insufficient path validation and symlink following with TOCTOU. Unauthenticated remote attackers can write files outside the intended directory, potential...
PT-2026-51505
Name of the Vulnerable Software and Affected Versions Crawl4AI versions prior to 0.8.8 Description An arbitrary file write issue exists in the screenshot and PDF endpoints. Unauthenticated remote attackers can write files outside the intended directory by exploiting insufficient path validation a...
📄 Web‑Check 1 Command Injection
A command injection vulnerability was identified in the Web‑Check application's /api/screenshot endpoint. The issue stems from the backend function that spawns a Chromium screenshot process using childprocess.exec with user‑controlled input passed via the url query parameter. Because the input wa...
Crawl4AI Has Local File Inclusion in Docker API via file:// URLs
A local file inclusion vulnerability exists in the Crawl4AI Docker API. The /executejs, /screenshot, /pdf, and /html endpoints accept file:// URLs, allowing attackers to read arbitrary files from the server filesystem. Attack Vector: json POST /executejs "url": "file:///etc/passwd", "scripts":...
glpi-inventory-plugin 安全漏洞
glpi-inventory-plugin is a GLPI open source GLPI inventory plugin. A security vulnerability exists in glpi-inventory-plugin versions prior to 2.0.2, which stems from a file disclosure vulnerability in the /ajax/screenshot.php endpoint...
📄 Remote for Windows 2024.15 Unauthenticated Desktop Screenshot Capture
Remote for Windows version 2024.15 suffers from a missing authentication vulnerability that allows for the disclosure of desktop screenshots. Exploit Title: Remote for Windows 2024.15 - Unauthenticated Desktop Screenshot Capture Date: 2025-05-19 Exploit Author: Chokri Hammedi Vendor Homepage:...