Fallos del tipo CWE-29
64 resultadosCVE-2023-6909HIGHPath Traversal: '\..\filename' in mlflow/mlflowEPSS 89.7%CVE-2023-1177CRITICALPath Traversal: '\..\filename' in mlflow/mlflowEPSS 69.5%CVE-2024-6396CRITICALArbitrary File Overwrite and Data Exfiltration in aimhubio/aimEPSS 53.4%CVE-2024-3848HIGHPath Traversal Bypass in mlflow/mlflowEPSS 43.3%CVE-2024-2083CRITICALDirectory Traversal in zenml-io/zenmlEPSS 39.1%CVE-2023-6021HIGHRay Log File Local File IncludeEPSS 37.1%CVE-2024-4320CRITICALRemote Code Execution due to LFI in '/install_extension' in parisneo/lollms-webuiEPSS 34.4%CVE-2024-4322HIGHPath Traversal in parisneo/lollms-webuiEPSS 30.8%CVE-2024-3429CRITICALPath Traversal in parisneo/lollmsEPSS 28.3%CVE-2023-1034MEDIUMPath Traversal: '\..\filename' in salesagility/suitecrmEPSS 28.1%CVE-2024-2928HIGHLocal File Inclusion (LFI) via URI Fragment Parsing in mlflow/mlflowEPSS 21.8%CVE-2023-0104CRITICAL
The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This mayEPSS 21.8%CVE-2024-13059HIGHPath Traversal in mintplex-labs/anything-llmEPSS 19.8%CVE-2024-21518HIGHThis affects versions of the package opencart/opencart from 4.0.0.0. A Zip Slip issue was identified via the marketplace installer due to imEPSS 14.1%CVE-2024-1561HIGHArbitrary Local File Read via Component Method Invocation in gradio-app/gradioEPSS 9.2%CVE-2024-34470HIGHAn issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unauthenticated Path Traversal vulnerability exists in the /publiEPSS 6.7%CVE-2023-2780CRITICALPath Traversal: '\..\filename' in mlflow/mlflowEPSS 6.3%CVE-2023-6977CRITICALPath Traversal: '\..\filename'EPSS 3.9%CVE-2023-6831HIGHPath Traversal: '\..\filename' in mlflow/mlflowEPSS 3.3%CVE-2023-6023HIGHModelDB Local File IncludeEPSS 3.0%