CVE-2024-6250 | parisneo lollms-webui up to 9.6 lollms_advanced.py open_file absolute path traversal

Posted by Angelo Barbosa | Jun 27, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in parisneo lollms-webui up to 9.6. Affected by this issue is the function open_file of the file lollms_advanced.py. The manipulation leads to absolute path traversal.

This vulnerability is handled as CVE-2024-6250. The attack may be launched remotely. There is no exploit available.

CVE-2024-6250 | parisneo lollms-webui up to 9.6 lollms_advanced.py open_file absolute path traversal

Related Posts

CVE-2023-20587 | AMD EPYC(TM) Embedded 9003 System Management Mode access control

CVE-2024-7857 | Media Library Folders Plugin up to 8.2.2 on WordPress sql injection

CVE-2024-5337 | Ruijie RG-UAC up to 20240516 user_commit.php email2/user_name os command injection

CVE-2024-52552 | Jenkins Authorize Project Plugin up to 1.7.2 cross site scripting