CVE-2024-2178 | parisneo lollms-webui lollms_personalities_infos.py copy_to_custom_personas name path traversal

Inserito da Angelo Barbosa | Giu 2, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in parisneo lollms-webui. This issue affects the function copy_to_custom_personas of the file lollms_personalities_infos.py. The manipulation of the argument name leads to path traversal: ‘..filename’.

The identification of this vulnerability is CVE-2024-2178. The attack may be initiated remotely. There is no exploit available.

CVE-2024-2178 | parisneo lollms-webui lollms_personalities_infos.py copy_to_custom_personas name path traversal

Post correlati

CVE-2024-0474 | code-projects Dormitory Management System 1.0 login.php username sql injection

CVE-2024-30532 | Builderall Builder Plugin up to 2.0.1 on WordPress server-side request forgery

CVE-2024-33009 | SAP Global Label Management 605/606/616/617 sql injection

CVE-2024-44197 | Apple macOS up to 13.6/14.6 denial of service