Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
absolute vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv3
CVE-2022-31531
The dainst/cilantro repository up to and including 0.0.4 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Dainst Cilantro
9.3
CVSSv3
CVE-2022-31544
The meerstein/rbtm repository up to and including 1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Xtomo Robo-tom
NA
CVE-2002-1423
tmp_view.php in FUDforum prior to 2.2.0 allows remote malicious users to read arbitrary files via an absolute pathname in the file parameter.
Ilia Alshanetsky Fudforum 1.9.8
Ilia Alshanetsky Fudforum 2.0.2
Ilia Alshanetsky Fudforum 1.2.8
1 EDB exploit
9.3
CVSSv3
CVE-2022-31503
The orchest/orchest repository prior to 2022.05.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Orchest Orchest
9.3
CVSSv3
CVE-2022-31502
The operatorequals/wormnest repository up to and including 0.4.7 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Wormnest Project Wormnest
9.3
CVSSv3
CVE-2022-31515
The Delor4/CarceresBE repository up to and including 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Carceresbe Project Carceresbe 1.0
9.3
CVSSv3
CVE-2022-31519
The Lukasavicus/WindMill repository up to and including 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Windmill Project Windmill 1.0
9.3
CVSSv3
CVE-2022-31525
The SummaLabs/DLS repository up to and including 0.1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Deep Learning Studio Project Deep Learning Studio 0.1.0
9.3
CVSSv3
CVE-2022-31539
The kotekan/kotekan repository up to and including 2021.11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Kotekan Project Kotekan
9.3
CVSSv3
CVE-2022-31543
The maxtortime/SetupBox repository up to and including 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Setupbox Project Setupbox
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »