Soumettre #601028: eosphoros-ai DB-GPT <=v.0.7.2 Path Traversalinformation

Titreeosphoros-ai DB-GPT <=v.0.7.2 Path Traversal
DescriptionDB-GPT doesn't perform security checks on the parameters passed by the route 'api/v2/serve/awel/flow/import', resulting in path traversal.
La source⚠️ https://github.com/eosphoros-ai/DB-GPT/issues/2774
Utilisateur
 Anonymous User
Soumission20/06/2025 05:33 (il y a 10 mois)
Modérer27/06/2025 12:17 (7 days later)
StatutAccepté
Entrée VulDB314088 [eosphoros-ai db-gpt jusqu’à 0.7.2 import import_flow Fichier directory traversal]
Points15

PrécédentAperçuSuivant

Do you want to use VulDB in your project?

Use the official API to access entries easily!