CVE-2024-4330 | parisneo lollms-webui up to latest list_personalities category path traversal

Inserito da Angelo Barbosa | Mag 30, 2024 | CVE

A vulnerability was found in parisneo lollms-webui up to latest. It has been rated as problematic. Affected by this issue is the function list_personalities. The manipulation of the argument category leads to relative path traversal.

This vulnerability is handled as CVE-2024-4330. It is possible to launch the attack on the local host. There is no exploit available.

CVE-2024-4330 | parisneo lollms-webui up to latest list_personalities category path traversal

Post correlati

CVE-2021-34960 | Foxit PDF Editor 11.0.0.49893 Circle Annotation use after free (ZDI-21-1191)

CVE-2024-37316 | Nextcloud Calendar App up to 4.6.7/4.7.1 Event Attachment unexpected data type

CVE-2024-1282 | Email Encoder Plugin up to 2.2.0 on WordPress Shortcode cross site scripting

CVE-2024-48929 | Umbraco CMS up to 10.8.6/13.5.1 Sign-Out session fixiation (GHSA-wxw9-6pv9-c3xc)