parisneo/lollms-webui — Vulnerabilities & Security Advisories 53

All 53 CVE vulnerabilities found in parisneo/lollms-webui, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-2356	Remote Code Execution due to LFI in '/reinstall_extension' in parisneo/lollms-webui CWE-29	9.8^AI	Critical^AI	2026-02-02
CVE-2024-12766	SSRF in parisneo/lollms-webui CWE-918	9.8	-	2025-03-20
CVE-2024-8736	Denial of Service (DoS) via Multipart Boundary in parisneo/lollms-webui CWE-352	6.5	-	2025-03-20
CVE-2024-8898	Path Traversal in parisneo/lollms-webui CWE-22	9.1	-	2025-03-20
CVE-2025-1451	Insufficient Patch Leading to DoS in parisneo/lollms-webui CWE-770	7.5	-	2025-03-20
CVE-2024-6986	Cross-site Scripting (XSS) in parisneo/lollms-webui CWE-79	5.4	-	2025-03-20
CVE-2024-10019	Path Traversal and OS Command Injection in parisneo/lollms-webui CWE-78	9.8	-	2025-03-20
CVE-2024-9920	Unrestricted File Upload and Execution in parisneo/lollms-webui CWE-434	9.8	-	2025-03-20
CVE-2024-9919	Missing Authentication Check in parisneo/lollms-webui CWE-306	7.5	-	2025-03-20
CVE-2024-10047	Directory Listing Vulnerability in parisneo/lollms-webui CWE-36	5.3	-	2025-03-20
CVE-2024-8581	Path Traversal in parisneo/lollms-webui CWE-22	7.5	-	2025-03-20
CVE-2024-5125	XSS and Open Redirect via SVG File Upload in parisneo/lollms-webui CWE-79	6.1	-	2024-11-14
CVE-2024-6673	CSRF Vulnerability in parisneo/lollms-webui CWE-352	8.1^AI	High^AI	2024-10-29
CVE-2024-6674	Data Leak through CORS Misconfiguration in parisneo/lollms-webui CWE-346	7.1^AI	High^AI	2024-10-29
CVE-2024-6959	Denial of Service (DOS) in multipart boundary while uploading file in parisneo/lollms-webui CWE-352	7.5	-	2024-10-13
CVE-2024-6394	Local File Inclusion in parisneo/lollms-webui CWE-29	7.5	-	2024-09-30
CVE-2024-4897	Remote Code Execution in parisneo/lollms-webui CWE-76	9.8^AI	Critical^AI	2024-07-02
CVE-2024-5933	Cross-site Scripting (XSS) in parisneo/lollms-webui CWE-79	6.1^AI	Medium^AI	2024-06-27
CVE-2024-6250	Absolute Path Traversal in parisneo/lollms-webui CWE-36	7.5^AI	High^AI	2024-06-27
CVE-2024-4498	Path Traversal and RFI Vulnerability in parisneo/lollms-webui CWE-22	7.5^AI	High^AI	2024-06-25
CVE-2024-4839	CSRF in Servers Configurations in parisneo/lollms-webui CWE-352	8.8^AI	High^AI	2024-06-24
CVE-2024-4841	Path Traversal in parisneo/lollms-webui CWE-29	7.5	-	2024-06-23
CVE-2024-4403	CSRF in restart_program in parisneo/lollms-webui CWE-352	8.1	-	2024-06-10
CVE-2024-4328	CSRF in clear_personality_files_list in parisneo/lollms-webui CWE-352	8.1	-	2024-06-10
CVE-2024-2359	Improper Neutralization of Special Elements used in an OS Command in parisneo/lollms-webui CWE-78	9.8^AI	Critical^AI	2024-06-06
CVE-2024-2360	Path Traversal leading to Remote Code Execution in parisneo/lollms-webui CWE-29	9.8^AI	Critical^AI	2024-06-06
CVE-2024-3322	Path Traversal in parisneo/lollms-webui CWE-22	9.3^AI	Critical^AI	2024-06-06
CVE-2024-1873	Path Traversal and Denial of Service in parisneo/lollms-webui CWE-22	7.5^AI	High^AI	2024-06-06
CVE-2024-2288	CSRF File Upload Vulnerability in parisneo/lollms-webui CWE-352	7.1^AI	High^AI	2024-06-06
CVE-2024-4320	Remote Code Execution due to LFI in '/install_extension' in parisneo/lollms-webui CWE-29	9.8^AI	Critical^AI	2024-06-06

All 53 known CVE vulnerabilities affecting parisneo/lollms-webui with full Chinese analysis, references, and POCs where available.

Goal Reached Thanks to every supporter — we hit 100%!

parisneo/lollms-webui — Vulnerabilities & Security Advisories 53