Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Path Traversal Vulnerability in gaizhenbiao/chuanhuchatgpt
Vulnerability Description
A path traversal vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240410, allowing any user to delete other users' chat histories. This vulnerability can also be exploited to delete any files ending in `.json` on the target system, leading to a denial of service as users are unable to authenticate.
CVSS Information
N/A
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
ChuanhuChatGPT 资源管理错误漏洞
Vulnerability Description
ChuanhuChatGPT是为ChatGPT/ChatGLM/LLaMA/StableLM/MOSS等多种LLM提供了一个轻快好用的Web图形界面。 ChuanhuChatGPT 20240410版本存在资源管理错误漏洞,该漏洞源于容易受到路径遍历攻击,允许任何用户删除其他用户的聊天记录,还可能使用户无法进行身份验证从而导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A