Lollms Lollms-Webui vulnerabilities
9 known vulnerabilities affecting lollms/lollms-webui.
Total CVEs: 9
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: Critical 2, High 4, Medium 1, Low 2
Vulnerabilities
CVE-2024-5125 [HIGH] CWE-79 | CVSS 7.3 | affected: v9.6 | 2024-11-14
parisneo/lollms-webui version 9.6 is vulnerable to Cross-Site Scripting (XSS) and Open Redirect due to inadequate input validation and processing of SVG files during the upload process. The XSS vulnerability allows attackers to embed malicious JavaScript code within SVG files, which is executed upon rendering, leading to potential credential theft and una
Source: nvd
CVE-2024-6971 [MEDIUM] CWE-22 | CVSS 4.4 | affected: v9.8 | 2024-10-11
A path traversal vulnerability exists in the parisneo/lollms-webui repository, specifically in the `lollms_file_system.py` file. The functions `add_rag_database`, `toggle_mount_rag_database`, and `vectorize_folder` do not implement security measures such as `sanitize_path_from_endpoint` or `sanitize_path`. This allows an attacker to perform vectorize o
Source: nvd
CVE-2024-4839 [LOW] CWE-352 | CVSS 3.3 | affected: v9.6 | 2024-06-24
A Cross-Site Request Forgery (CSRF) vulnerability exists in the 'Servers Configurations' function of the parisneo/lollms-webui, versions 9.6 to the latest. The affected functions include Elastic search Service (under construction), XTTS service, Petals service, vLLM service, and Motion Ctrl service, which lack CSRF protection. This vulnerability allows a
Source: nvd
CVE-2024-4841 [LOW] CWE-29 | CVSS 3.3 | public PoC | affected: v9.6 | 2024-06-23
A Path Traversal vulnerability exists in the parisneo/lollms-webui, specifically within the 'add_reference_to_local_mode' function due to the lack of input sanitization. This vulnerability affects versions v9.6 to the latest. By exploiting this vulnerability, an attacker can predict the folders, subfolders, and files present on the victim's computer. The
Source: nvd
CVE-2024-4403 [HIGH] CWE-352 | CVSS 8.8 | affected: v9.6 | 2024-06-10
A Cross-Site Request Forgery (CSRF) vulnerability exists in the restart_program function of the parisneo/lollms-webui v9.6. This vulnerability allows attackers to trick users into performing unintended actions, such as resetting the program without their knowledge, by sending specially crafted CSRF forms. This issue affects the installation process, inc
Source: nvd
CVE-2024-4267 [CRITICAL] CWE-77 | CVSS 9.8 | affected: v9.5 | 2024-05-22
A remote code execution (RCE) vulnerability exists in the parisneo/lollms-webui, specifically within the 'open_file' module, version 9.5. The vulnerability arises due to improper neutralization of special elements used in a command within the 'open_file' function. An attacker can exploit this vulnerability by crafting a malicious file path that, when
Source: nvd
CVE-2024-1601 [CRITICAL] CWE-89 | CVSS 9.8 | affected: v9.0, v9.1 | 2024-04-16
An SQL injection vulnerability exists in the `delete_discussion()` function of the parisneo/lollms-webui application, allowing an attacker to delete all discussions and message data. The vulnerability is exploitable via a crafted HTTP POST request to the `/delete_discussion` endpoint, which internally calls the vulnerable `delete_discussion()` functi
Source: nvd
CVE-2024-1646 [HIGH] CWE-288 | CVSS 8.2 | fixed in 9.3 | 2024-04-16
parisneo/lollms-webui is vulnerable to authentication bypass due to insufficient protection over sensitive endpoints. The application checks if the host parameter is not '0.0.0.0' to restrict access, which is inadequate when the application is bound to a specific interface, allowing unauthorized access to endpoints such as '/restart_program', '/update_s
Source: nvd
CVE-2024-1569 [HIGH] CWE-400 | CVSS 7.5 | affected: v9.1 | 2024-04-16
parisneo/lollms-webui is vulnerable to a denial of service (DoS) attack due to uncontrolled resource consumption. Attackers can exploit the `/open_code_in_vs_code` and similar endpoints without authentication by sending repeated HTTP POST requests, leading to the opening of Visual Studio Code or the default folder opener (e.g., File Explorer, xdg-open)
Source: nvd