19 matches found
Local File Inclusion
voila is vulnerable to Local File Inclusion. The vulnerability is due to improper handling of file paths within app.py which allows an attacker to access readable files on the server's filesystem...
asiva (>=1.0.1 <=1.3.1), loci-st (=0.1.0) +8 more potentially affected by CVE-2024-30265 via voila (>=0.1.24 <=0.2.10)
voila PYPI version =0.1.24, =1.0.1, =0.2.1, =0.0.1, =0.0.6, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.1.0a4 Source cves: CVE-2024-30265 Source advisory: OSV:GHSA-2Q59-H24C-W6FG...
aeromaps (>=0.5.0b0 <=1.0.0), antakia (>=0.2.1 <=0.2.5) +54 more potentially affected by CVE-2024-30265 via voila (>=0.5.0a4 <=0.5.5)
voila PYPI version =0.5.0a4, =0.5.0b0, =0.2.1, =1.3.3, =0.0.8, =0.3.7, =0.7.10, =0.5.0, =0.0.2, =0.0.1, =0.0.1, =0.0.1, =0.1.3, =0.1.16 and more Source cves: CVE-2024-30265 Source advisory: OSV:GHSA-2Q59-H24C-W6FG...
aepsych (>=0.3.0 <=0.4.0), environmentfinder (>=1.1.3 <=1.1.4) +3 more potentially affected by CVE-2024-30265 via voila (>=0.3.0rc0 <=0.3.7)
voila PYPI version =0.3.0rc0, =0.3.0, =1.1.3, =0.1.0, =1.0.4 - oscovida =0.2.6 - voila-vuetify =0.5.2 Source cves: CVE-2024-30265 Source advisory: OSV:GHSA-2Q59-H24C-W6FG...
Voilà Local file inclusion
Impact: Any deployment of a voilà dashboard allows local file inclusion; that is to say, any file on a filesystem that is readable by the user that runs the voilà dashboard server can be downloaded by someone with network access to the server. Whether this still requires authentication depends on how...
GHSA-2Q59-H24C-W6FG Voilà Local file inclusion
Impact: Any deployment of a voilà dashboard allows local file inclusion; that is to say, any file on a filesystem that is readable by the user that runs the voilà dashboard server can be downloaded by someone with network access to the server. Whether this still requires authentication depends on how...
[SECURITY] Fedora 38 Update: python-jupyter-server-2.1.0-3.fc38
The Jupyter Server provides the backend i.e. the core services, APIs, and REST endpoints for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila...
[SECURITY] Fedora 39 Update: python-jupyter-server-2.7.2-2.fc39
The Jupyter Server provides the backend i.e. the core services, APIs, and REST endpoints for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila...
CVE-2023-49080 Jupyter Server errors include tracebacks with path information
The Jupyter Server provides the backend i.e. the core services, APIs, and REST endpoints for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. Unhandled errors in API requests coming from an authenticated user include traceback information, which can include path information...
Fedora: Security Advisory for python-jupyter-server (FEDORA-2023-88c411e973)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 38 Update: python-jupyter-server-2.1.0-2.fc38
The Jupyter Server provides the backend i.e. the core services, APIs, and REST endpoints for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila...
voila-tam.com Improper Access Control vulnerability OBB-2268200
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2020-26275
The Jupyter Server provides the backend i.e. the core services, APIs, and REST endpoints for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. In Jupyter Server before version 1.1.1, an open redirect vulnerability could cause the jupyter server to redirect the browser to a...
PYSEC-2020-50
The Jupyter Server provides the backend i.e. the core services, APIs, and REST endpoints for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. In Jupyter Server before version 1.1.1, an open redirect vulnerability could cause the jupyter server to redirect the browser to a...
CVE-2020-26275 Open redirect vulnerability
The Jupyter Server provides the backend i.e. the core services, APIs, and REST endpoints for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. In Jupyter Server before version 1.1.1, an open redirect vulnerability could cause the jupyter server to redirect the browser to a...
chronix2grid (>=0.1.0rc1 <=1.0.2), jupyterlab (>=3.0.0b2 <=3.0.0rc13) +10 more potentially affected by CVE-2020-26232 via jupyter-server (>=0.0.5 <=1.0.11)
jupyter-server PYPI version =0.0.5, =0.1.0rc1, =3.0.0b2, =2.0.0b1, =0.2.0, =0.2.1, =0.0.11, =0.0.1, =0.0.6, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.1.0a4 Source cves: CVE-2020-26232 Source advisory: OSV:GHSA-GRFJ-WJV9-4F9V...
Voila CMS Cross Site Scripting
Exploit Title: Voila Cms Xss Vulnerability. Exploit Author: Darksnipper & Dr.v!ru$ Home: www.cybercoders.org Email: [email protected] Cms Link: http://www.voilasyria.com Tested On: windows 7 & linux. Dork: intext:powerd by voila P.o.c open http://site.com/path/view/search/viewSearch.php put in sear...
Voila CMS SQL Injection
Exploit Title: Voila Cms Blind SQL Injection Vulnerability; Exploit Author: Ashiyane Digital Security Team; Home: www.Ashiyane.org; Vendor Homepage: www.arabengineeringindustries.org; Category: Web...
Voila Web Design SQL Injection
Exploit Title; Voila Web Design SQL Injection Vulnerability Date ; 24/6/12 Author ; 3spi0n Script Vendor or Software Link ; http://www.voilasyria.com/ Category ; Webapps Type ; SQL Injection MySQLi Tested on ; Ubuntu / Win7 / Backtrack Demo Analyzing ;...