A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the /api/v1/steps endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI pat...

Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1.

Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1.

A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information.

A path traversal vulnerability in the '/apply_settings' endpoint of parisneo/lollms-webui allows attackers to execute arbitrary code. The vulnerability arises due to insufficient sanitization of user-...

parisneo/lollms-webui is vulnerable to path traversal attacks that can lead to remote code execution due to insufficient sanitization of user-supplied input in the 'Database path' and 'PDF LaTeX path'...