PYSEC-2024-112

An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to insufficient validation when loading prompt template files. An attacker can read any file that matches specific criteria using an absolute path. The file must not have a .json extension and, except f...

ChuanhuChatGPT 安全漏洞

ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. An information disclosure vulnerability exists in ChuanhuChatGPT version 20240628, which can be exploited by an attacker to gain access to...

PT-2024-38718 · Unknown · Gaizhenbiao/Chuanhuchatgpt

Name of the Vulnerable Software and Affected Versions: gaizhenbiao/chuanhuchatgpt version 20240628 Description: An arbitrary file read issue exists due to insufficient validation when loading prompt template files. An attacker can read any file that matches specific criteria using an absolute pat...

ChuanhuChatGPT 安全漏洞

ChuanhuChatGPT is an application by the individual developer Chuan Hu. It provides a fast and easy-to-use web graphical interface and many additional features for many LLMs such as ChatGPT. A security vulnerability exists in ChuanhuChatGPT version 20240628, which stems from insufficient validatio...