PT-2024-19272 · Unknown · Whoogle Search

Name of the Vulnerable Software and Affected Versions: Whoogle Search versions 0.8.3 and prior Description: Whoogle Search is a self-hosted metasearch engine. The issue allows for a limited file write vulnerability when configuration options are enabled. The config function in app/routes.py does...

GHSA-XWG4-93C6-3H42 Directory Traversal in send

Versions 0.8.3 and earlier of send are affected by a directory traversal vulnerability. When relying on the root option to restrict file access it may be possible for an application consumer to escape out of the restricted directory and access files in a similarly named directory. For example,...