14 matches found
Chuanhu Chat - Directory Traversal
The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its use of an outdated gradio component. The application is designed to restrict user access to resources within the webassets folder. However, the outdated version of gradio it employs is susceptible to pa...
PT-2026-5495
Name of the Vulnerable Software and Affected Versions LocalSend versions up to and including 1.17.0 Description LocalSend is an application enabling file and message sharing with nearby devices on a local network, without internet access. When a user initiates a "Share via Link" session, the...
EUVD-2019-2279
Malware in sbrugna...
How Cloud Wrapper Evolved to Optimize Small-Object Caching
Learn how Akamai's Cloud Wrapper evolved to optimize small-object caching, reduce egress costs, and boost SEO rankings for web and media assets...
Malicious code in relativity-web-assets (npm)
The package relativity-web-assets was found to contain malicious code...
MAL-2025-32046 Malicious code in relativity-web-assets (npm)
The package relativity-web-assets was found to contain malicious code...
MAL-2025-38966 Malicious code in web-assets (npm)
The package web-assets was found to contain malicious code...
Malicious code in web-assets (npm)
The package web-assets was found to contain malicious code...
A New Approach to Discover, Monitor, and Reduce Your Modern Web Attack Surface
Web applications reign the internet universe, but also bring new risks that let attackers poke holes in an ever-expanding attack surface. Stolen credentials have been the historical culprit. Recent analysis saw a spike in exploits targeting web applications directly through specially-crafted...
new packages: web-assets
An update is available for web-assets. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
Kenzer - Automated Web Assets Enumeration And Scanning
Automated Web Assets Enumeration & Scanning Instructions for running 1. Create an account on Zulip 2. Navigate to Settings Your Bots Add a new bot 3. Create a new generic bot named kenzer 4. Add all the configurations in configs/kenzer.conf 5. Install/Run using - ./install.sh -b if you need...
CVE-2019-10276
Western Bridge Cobub Razor 0.8.0 has a file upload vulnerability via the web/assets/swf/uploadify.php URI, as demonstrated by a .php file with the image/jpeg content type...
CVE-2019-10276
CVE-2019-10276 affects Western Bridge Cobub Razor 0.8.0. The vulnerability is a file upload issue reachable via the URI web/assets/swf/uploadify.php; demonstration involves uploading a PHP file served with the image/jpeg content type. The connected records confirm the affected product and the upl...
Important: Red Hat Security Advisory: rh-ror50-rubygem-sprockets security update
An update for rh-ror50-rubygem-sprockets is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...