2 matches found
CVE-2023-6899
CVE-2023-6899 affects rmountjoy92 DashMachine 0.5-4. The vulnerability is in the Config Handler’s /settings/save_config functionality, where manipulating the argument value_template leads to code injection. Multiple sources confirm public exploitation potential. The issue is tied to an unknown fu...
CVE-2023-6900
CVE-2023-6900 affects rmountjoy92 DashMachine 0.5-4. The vulnerability is a path-traversal flaw in the /settings/delete_file functionality triggered by manipulating the file argument (e.g., '../filedir'), allowing access to files outside the intended directory. The issue has been publicly disclos...