Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ModelscopeAgentscope

3 matches found

CVE
CVEadded 2025/02/10 7:15 p.m.72 views

CVE-2024-8550

A Local File Inclusion (LFI) vulnerability exists in the /load-workflow endpoint of modelscope/agentscope version v0.0.4. This vulnerability allows an attacker to read arbitrary files from the server, including sensitive files such as API keys, by manipulating the filename parameter. The issue aris...

7.5CVSS7.4AI score0.00041EPSS
Web
CVE
CVEadded 2025/03/20 10:15 a.m.62 views

CVE-2024-8438

A path traversal vulnerability exists in modelscope/agentscope version v.0.0.4. The API endpoint /api/file does not properly sanitize the path parameter, allowing an attacker to read arbitrary files on the server.

7.5CVSS7.5AI score0.00075EPSS
Web
CVE
CVEadded 2025/03/20 10:15 a.m.40 views

CVE-2024-8524

A directory traversal vulnerability exists in modelscope/agentscope version 0.0.4. An attacker can exploit this vulnerability to read any local JSON file by sending a crafted POST request to the /read-examples endpoint.

7.5CVSS7.3AI score0.00217EPSS