Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

parisneo/lollms-webui — Vulnerabilities & Security Advisories 53

All 53 CVE vulnerabilities found in parisneo/lollms-webui, with AI-generated Chinese analysis, references, and POCs.

Vendor: parisneo

CVE IDTitleCVSSSeverityPublished
CVE-2024-2624 Path Traversal and Arbitrary File Upload Vulnerability in parisneo/lollms-webui CWE-29 9.1AICriticalAI2024-06-06
CVE-2024-2548 Path Traversal in parisneo/lollms-webui CWE-36 6.2AIMediumAI2024-06-06
CVE-2024-2362 Path Traversal in parisneo/lollms-webui CWE-36 9.1AICriticalAI2024-06-06
CVE-2024-5482 SSRF in add_webpage endpoint in parisneo/lollms-webui CWE-918 9.8AICriticalAI2024-06-06
CVE-2024-2178 Path Traversal Vulnerability in parisneo/lollms-webui CWE-29 7.5 -2024-06-02
CVE-2024-4330 Path Traversal in parisneo/lollms-webui CWE-23 7.5AIHighAI2024-05-30
CVE-2024-4267 Remote Code Execution in parisneo/lollms-webui CWE-77 9.8AICriticalAI2024-05-22
CVE-2024-2361 Arbitrary Upload & Read via Path Traversal in parisneo/lollms-webui CWE-29 9.1AICriticalAI2024-05-16
CVE-2024-2366 Remote Code Execution in parisneo/lollms-webui CWE-77 9.8AICriticalAI2024-05-16
CVE-2024-3435 Path Traversal in parisneo/lollms-webui CWE-29 9.8AICriticalAI2024-05-16
CVE-2024-3126 Command Injection in parisneo/lollms-webui CWE-78 9.8AICriticalAI2024-05-16
CVE-2024-4326 Remote Code Execution via `/apply_settings` and `/execute_code` in parisneo/lollms-webui CWE-15 9.8AICriticalAI2024-05-16
CVE-2024-4322 Path Traversal in parisneo/lollms-webui CWE-29 7.5AIHighAI2024-05-16
CVE-2024-2358 Path Traversal leading to Remote Code Execution in parisneo/lollms-webui CWE-29 9.8AICriticalAI2024-05-16
CVE-2024-2299 Stored Cross-Site Scripting (XSS) via Profile Picture Upload in parisneo/lollms-webui CWE-79 6.1 -2024-05-12
CVE-2024-1569 Uncontrolled Resource Consumption in parisneo/lollms-webui CWE-400 7.5 -2024-04-16
CVE-2024-1646 Authentication Bypass in parisneo/lollms-webui CWE-288 9.8 -2024-04-16
CVE-2024-1601 SQL Injection in parisneo/lollms-webui CWE-89 7.5 -2024-04-16
CVE-2024-1520 OS Command Injection in parisneo/lollms-webui CWE-78 9.8AICriticalAI2024-04-10
CVE-2024-1602 Stored XSS leading to RCE in parisneo/lollms-webui CWE-79 9.0AICriticalAI2024-04-10
CVE-2024-1511 Path Traversal Vulnerability in parisneo/lollms-webui CWE-22 8.8AIHighAI2024-04-10
CVE-2024-1600 Local File Inclusion in parisneo/lollms-webui CWE-98 7.5AIHighAI2024-04-10
CVE-2024-1522 Cross-Site Request Forgery (CSRF) Leading to Remote Code Execution in parisneo/lollms-webui CWE-352 7.4AIHighAI2024-03-30

All 53 known CVE vulnerabilities affecting parisneo/lollms-webui with full Chinese analysis, references, and POCs where available.