2 matches found
PYSEC-2024-108
A path traversal vulnerability exists in the parisneo/lollms application, affecting version 9.4.0 and potentially earlier versions, but fixed in version 5.9.0. The vulnerability arises due to improper validation of file paths between Windows and Linux environments, allowing attackers to traverse...
PT-2024-33236 · Parisneo · Lollms
Name of the Vulnerable Software and Affected Versions: parisneo/lollms versions prior to 9.5.0 Description: A path traversal vulnerability exists due to improper validation of file paths between Windows and Linux environments, allowing attackers to traverse beyond the intended directory and read...