5 matches found
EUVD-2024-31727
Malicious code in bioql PyPI...
CVE-2024-3126 Command Injection in parisneo/lollms-webui
A command injection vulnerability exists in the 'runxttsapiserver' function of the parisneo/lollms-webui application, specifically within the 'lollmsxtts.py' script. The vulnerability arises due to the improper neutralization of special elements used in an OS command. The affected function utiliz...
CVE-2024-3126
CVE-2024-3126 concerns the parisneo/lollms-webui project, specifically the bug in the Python file lollms_xtts.py and the function run_xtts_api_server. The issue stems from constructing an OS command with a Python f-string and passing xtts_base_url to subprocess.Popen without adequate input saniti...
CVE-2024-3126 Command Injection in parisneo/lollms-webui
A command injection vulnerability exists in the 'runxttsapiserver' function of the parisneo/lollms-webui application, specifically within the 'lollmsxtts.py' script. The vulnerability arises due to the improper neutralization of special elements used in an OS command. The affected function utiliz...
LoLLMs Operating System Command Injection Vulnerability
LoLLMs is a Web UI for a large language multimodal system by the individual developer Saifeddine ALOUI. An operating system command injection vulnerability exists in LoLLMs versions prior to 9.5 that stems from incorrect neutralization of special elements used in operating system commands, allowi...