Parisneo Lollms-Webui vulnerabilities
52 known vulnerabilities affecting parisneo/lollms-webui.
Total CVEs: 52
CISA KEV: 0
Public exploits: 2
Exploited in wild: 0
Severity breakdown: CRITICAL 20, HIGH 21, MEDIUM 8, LOW 3
Vulnerabilities
Page 2 of 3
CVE-2024-4841 | LOW | CVSS 3.3 | CWE-29 | PoC available | affected: ≥ unspecified, ≤ latest | 2024-06-23
A Path Traversal vulnerability exists in the parisneo/lollms-webui, specifically within the 'add_reference_to_local_mode' function due to the lack of input sanitization. This vulnerability affects versions v9.6 to the latest. By exploiting this vulnerability, an attacker can predict the folders, subfolders, and files present on the victim's computer. The
Source: nvd
CVE-2024-4328 | HIGH | CVSS 8.1 | CWE-352 | affected: ≥ unspecified, ≤ latest | 2024-06-10
A Cross-Site Request Forgery (CSRF) vulnerability exists in the clear_personality_files_list function of the parisneo/lollms-webui v9.6. The vulnerability arises from the use of a GET request to clear personality files list, which lacks proper CSRF protection. This flaw allows attackers to trick users into performing actions without their consent, such
Source: nvd
CVE-2024-4403 | HIGH | CVSS 8.8 | CWE-352 | affected: ≥ unspecified, ≤ latest | 2024-06-10
A Cross-Site Request Forgery (CSRF) vulnerability exists in the restart_program function of the parisneo/lollms-webui v9.6. This vulnerability allows attackers to trick users into performing unintended actions, such as resetting the program without their knowledge, by sending specially crafted CSRF forms. This issue affects the installation process, inc
Source: nvd
CVE-2024-3322 | CRITICAL | CVSS 9.8 | CWE-22 | affected: ≥ unspecified, < 9.5 | 2024-06-06
A path traversal vulnerability exists in the 'cyber_security/codeguard' native personality of the parisneo/lollms-webui, affecting versions up to 9.5. The vulnerability arises from the improper limitation of a pathname to a restricted directory in the 'process_folder' function within 'lollms-webui/zoos/personalities_zoo/cyber_security/codeguard/scrip
Source: nvd
CVE-2024-2359 | CRITICAL | CVSS 9.8 | CWE-78 | affected: ≥ unspecified, ≤ latest | 2024-06-06
A vulnerability in the parisneo/lollms-webui version 9.3 allows attackers to bypass intended access restrictions and execute arbitrary code. The issue arises from the application's handling of the `/execute_code` endpoint, which is intended to be blocked from external access by default. However, attackers can exploit the `/update_setting` endpoint, wh
Source: nvd
CVE-2024-2360 | CRITICAL | CVSS 9.8 | CWE-29 | affected: ≥ unspecified, ≤ latest | 2024-06-06
parisneo/lollms-webui is vulnerable to path traversal attacks that can lead to remote code execution due to insufficient sanitization of user-supplied input in the 'Database path' and 'PDF LaTeX path' settings. An attacker can exploit this vulnerability by manipulating these settings to execute arbitrary code on the targeted server. The issue affects
Source: nvd
CVE-2024-5482 | CRITICAL | CVSS 9.8 | CWE-918 | affected: ≥ unspecified, ≤ latest | 2024-06-06
A Server-Side Request Forgery (SSRF) vulnerability exists in the 'add_webpage' endpoint of the parisneo/lollms-webui application, affecting the latest version. The vulnerability arises because the application does not adequately validate URLs entered by users, allowing them to input arbitrary URLs, including those that target internal resources such
Source: nvd
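The SSRF entry above comes down to one missing step: the server fetches whatever URL the user submits. The following is an added example, not code from lollms-webui, showing the check a server-side fetcher should run before connecting: allow only http/https, refuse URLs with embedded credentials, and reject any hostname whose resolved addresses include loopback, private, link-local or otherwise non-public space. The name table (FAKE_DNS) and the hostnames in it are constructed so the example runs offline; `default_resolver` is the real-DNS variant.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Constructed name table so the example runs offline. In production drop this
# and use default_resolver(), which asks the real DNS via socket.getaddrinfo().
FAKE_DNS = {
    "example.com": ["93.184.216.34"],
    "internal.corp": ["10.0.0.5"],
    "metadata.test": ["169.254.169.254"],
    "rebind.test": ["93.184.216.34", "127.0.0.1"],  # one public, one loopback record
}


def fake_resolver(host: str) -> list[str]:
    return FAKE_DNS.get(host.lower(), [])


def default_resolver(host: str) -> list[str]:
    """Every address the name currently resolves to (A and AAAA)."""
    try:
        infos = socket.getaddrinfo(host, None)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def is_public_address(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    # ::ffff:127.0.0.1 is loopback in disguise; judge it by the embedded IPv4.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return not (addr.is_private or addr.is_loopback or addr.is_link_local
                or addr.is_multicast or addr.is_reserved or addr.is_unspecified)


def validate_fetch_url(url: str, resolver=default_resolver) -> str:
    """Return url if it may be fetched server-side, otherwise raise ValueError."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname
    if not host:
        raise ValueError("missing host")
    if parts.username or parts.password:
        raise ValueError("userinfo in URL not allowed")
    try:
        # Literal address, including bracketed IPv6 such as http://[::1]/.
        ips = [str(ipaddress.ip_address(host))]
    except ValueError:
        # Hostname. Short numeric forms such as 127.1 are not parsed by
        # ipaddress, so they fall through to the resolver and are judged by
        # whatever it returns.
        ips = resolver(host)
    if not ips:
        raise ValueError(f"unresolvable host: {host!r}")
    blocked = [ip for ip in ips if not is_public_address(ip)]
    if blocked:
        # Any non-public record rejects the name. That also closes the
        # "public on first lookup, loopback on the second" rebinding setup,
        # provided the fetch itself connects to one of the addresses checked
        # here rather than resolving the name a second time.
        raise ValueError(f"{host!r} resolves to non-public address(es): {blocked}")
    return url


def rejects(url: str, resolver=default_resolver) -> bool:
    """Convenience wrapper: True if validate_fetch_url refuses the URL."""
    try:
        validate_fetch_url(url, resolver)
    except ValueError:
        return True
    return False
```

Two caveats a reviewer would raise: the fetch must connect to the address that was checked (pin it, or re-run the check on every redirect hop), and an allowlist of permitted destinations is stronger than this denylist of address ranges when the feature only needs a few known hosts.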
CVE-2024-2624 | CRITICAL | CVSS 9.8 | CWE-29 | affected: ≥ unspecified, < 9.4 | 2024-06-06
A path traversal and arbitrary file upload vulnerability exists in the parisneo/lollms-webui application, specifically within the `@router.get("/switch_personal_path")` endpoint in `./lollms-webui/lollms_core/lollms/server/endpoints/lollms_user.py`. The vulnerability arises due to insufficient sanitization of user-supplied input for the `path` parame
Source: nvd
CVE-2024-1873 | CRITICAL | CVSS 9.1 | CWE-22 | affected: ≥ unspecified, < v9.3 | 2024-06-06
parisneo/lollms-webui is vulnerable to path traversal and denial of service attacks due to an exposed `/select_database` endpoint in version a9d16b0. The endpoint improperly handles file paths, allowing attackers to specify absolute paths when interacting with the `DiscussionsDB` instance. This flaw enables attackers to create directories anywhere on
Source: nvd
CVE-2024-2362 | CRITICAL | CVSS 9.1 | CWE-36 | affected: ≥ unspecified, ≤ latest | 2024-06-06
A path traversal vulnerability exists in the parisneo/lollms-webui version 9.3 on the Windows platform. Due to improper validation of file paths between Windows and Linux environments, an attacker can exploit this vulnerability to delete any file on the system. The issue arises from the lack of adequate sanitization of user-supplied input in the 'del
Source: nvd
CVE-2024-2288 | HIGH | CVSS 8.3 | CWE-352 | affected: ≥ unspecified, < 9.3 | 2024-06-06
A Cross-Site Request Forgery (CSRF) vulnerability exists in the profile picture upload functionality of the Lollms application, specifically in the parisneo/lollms-webui repository, affecting versions up to 7.3.0. This vulnerability allows attackers to change a victim's profile picture without their consent, potentially leading to a denial of service by
Source: nvd
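The three CSRF entries on this page (CVE-2024-4328, CVE-2024-4403 and CVE-2024-2288) share one root cause: a state-changing action is reachable by a request the browser will happily send from any site, in one case a plain GET. The following is an added example, not code from lollms-webui, of the guard such an endpoint needs. It refuses to act on safe methods, checks the browser's Sec-Fetch-Site and Origin/Referer metadata, and requires a per-session token. The `Request` class, the 9600 port in APP_ORIGIN and the session token are constructed stand-ins; the endpoint paths are the ones the advisories name.

```python
import secrets
from dataclasses import dataclass, field

# Assumed listener origin for the app (constructed; adjust to the real deployment).
APP_ORIGIN = "http://localhost:9600"
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}
SESSION_TOKEN = "c0ffee-constructed-session-token"  # constructed for the demo


@dataclass
class Request:
    """Constructed stand-in for the request fields the check needs."""
    method: str
    path: str
    headers: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)

    def header(self, name: str):
        return next((v for k, v in self.headers.items() if k.lower() == name.lower()), None)


def csrf_guard(req: Request, app_origin: str, session_token: str) -> tuple[bool, str]:
    """Return (allowed, reason) for a request that would change server state."""
    # 1. Safe methods must never mutate anything: a GET can be fired by an <img>
    #    tag on any site, and the browser attaches the victim's cookies to it.
    if req.method in SAFE_METHODS:
        return False, "state change requested via a safe method"
    # 2. Fetch metadata: modern browsers label cross-site requests themselves.
    sfs = req.header("Sec-Fetch-Site")
    if sfs not in (None, "same-origin", "none"):
        return False, f"Sec-Fetch-Site={sfs}"
    # 3. Origin (or, failing that, Referer) must be our own origin.
    origin = req.header("Origin") or req.header("Referer")
    if origin is None:
        return False, "no Origin or Referer header"
    if origin != app_origin and not origin.startswith(app_origin + "/"):
        return False, f"cross-origin request from {origin}"
    # 4. A per-session token that an attacker's page cannot read.
    token = req.form.get("csrf_token") or req.header("X-CSRF-Token") or ""
    if not secrets.compare_digest(token, session_token):
        return False, "missing or wrong CSRF token"
    return True, "ok"


# Constructed requests, as a browser would emit them in each scenario.
def attacker_img_tag() -> Request:
    # <img src="http://localhost:9600/clear_personality_files_list"> on evil.example
    return Request("GET", "/clear_personality_files_list",
                   {"Sec-Fetch-Site": "cross-site", "Referer": "https://evil.example/"})


def attacker_auto_form() -> Request:
    # <form method="POST" action="http://localhost:9600/restart_program"> submitted by script
    return Request("POST", "/restart_program",
                   {"Origin": "https://evil.example", "Sec-Fetch-Site": "cross-site"})


def legit_post(token: str) -> Request:
    # The app's own UI posting the form with the token it was handed at login.
    return Request("POST", "/restart_program",
                   {"Origin": APP_ORIGIN, "Sec-Fetch-Site": "same-origin"},
                   {"csrf_token": token})
```

Check 1 is the one that matters most for the GET-based entries: no header or token scheme helps if the handler mutates state on a method browsers treat as safe. The token comparison uses `secrets.compare_digest` so a wrong token is rejected in constant time.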
CVE-2024-2548 | HIGH | CVSS 7.5 | CWE-36 | affected: ≥ unspecified, < 9.5 | 2024-06-06
A path traversal vulnerability exists in the parisneo/lollms-webui application, specifically within the `lollms_core/lollms/server/endpoints/lollms_binding_files_server.py` and `lollms_core/lollms/security.py` files. Due to inadequate validation of file paths between Windows and Linux environments using `Path(path).is_absolute()`, attackers can exploit th
Source: nvd
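The entry above names the exact flawed check, `Path(path).is_absolute()`, which only applies the host operating system's rules: on Linux `C:\Windows\win.ini` and `..\..\x` are "relative", on Windows `/etc/passwd` is. The same class of bug underlies the other traversal entries on this page (CVE-2024-4841, CVE-2024-3322, CVE-2024-2360, CVE-2024-2624, CVE-2024-1873 and CVE-2024-2362 among them). The following is an added example, not code from lollms-webui, of a containment check that applies both POSIX and Windows rules, rejects `..` components under either separator, and finally verifies the resolved path is still under the base directory. `DEMO_BASE` is a constructed data root and need not exist.

```python
from pathlib import Path, PurePosixPath, PureWindowsPath

# Constructed data root for the demo; any directory the app owns would do.
DEMO_BASE = Path.cwd() / "personal_data"


def flawed_accepts(user_path: str) -> bool:
    """The check the advisory describes: only the host OS's notion of 'absolute'."""
    return not Path(user_path).is_absolute()


def is_absolute_any_os(user_path: str) -> bool:
    """Absolute under POSIX or Windows rules, or carrying a drive, UNC or root prefix."""
    win = PureWindowsPath(user_path)
    return (PurePosixPath(user_path).is_absolute() or win.is_absolute()
            or bool(win.drive) or bool(win.root))


def has_parent_reference(user_path: str) -> bool:
    """'..' as a component under either separator convention."""
    parts = set(PurePosixPath(user_path).parts) | set(PureWindowsPath(user_path).parts)
    return ".." in parts


def resolve_inside(base: Path, user_path: str) -> Path:
    """Join user_path under base, or raise ValueError if it could leave base."""
    if not user_path or is_absolute_any_os(user_path) or has_parent_reference(user_path):
        raise ValueError(f"rejected path: {user_path!r}")
    root = base.resolve()
    candidate = (root / user_path).resolve()  # also follows symlinks placed inside base
    if not candidate.is_relative_to(root):
        raise ValueError(f"escapes base: {user_path!r}")
    return candidate


def is_safe_subpath(base: Path, user_path: str) -> bool:
    try:
        resolve_inside(base, user_path)
    except ValueError:
        return False
    return True


def flawed_check_gap(base: Path = DEMO_BASE) -> list[str]:
    """Inputs the flawed check lets through on this OS that resolve_inside rejects."""
    probes = ["../../../etc/passwd", "..\\..\\Windows\\win.ini",
              "C:\\Windows\\win.ini", "/etc/passwd", "\\\\attacker\\share\\x",
              "personalities/custom/mine.yaml"]
    return [p for p in probes if flawed_accepts(p) and not is_safe_subpath(base, p)]
```

The lexical checks come first so an obviously hostile string never reaches the filesystem; the final `is_relative_to` on resolved paths is the defence in depth that catches symlinks and anything the lexical rules missed. Run `flawed_check_gap()` on the target OS to see which of the probes the original check would have let through there.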
CVE-2024-2178 | HIGH | CVSS 7.5 | CWE-29 | affected: ≥ unspecified, ≤ latest | 2024-06-02
A path traversal vulnerability exists in the parisneo/lollms-webui, specifically within the 'copy_to_custom_personas' endpoint in the 'lollms_personalities_infos.py' file. This vulnerability allows attackers to read arbitrary files by manipulating the 'category' and 'name' parameters during the 'Copy to custom personas folder for editing' process. By ins
Source: nvd
CVE-2024-4330 | LOW | CVSS 3.3 | CWE-23 | affected: ≥ unspecified, ≤ latest | 2024-05-30
A path traversal vulnerability was identified in the parisneo/lollms-webui repository, specifically within version 9.6. The vulnerability arises due to improper handling of user-supplied input in the 'list_personalities' endpoint. By crafting a malicious HTTP request, an attacker can traverse the directory structure and view the contents of any folder, alb
Source: nvd
CVE-2024-4267 | CRITICAL | CVSS 9.8 | CWE-77 | affected: ≥ unspecified, ≤ latest | 2024-05-22
A remote code execution (RCE) vulnerability exists in the parisneo/lollms-webui, specifically within the 'open_file' module, version 9.5. The vulnerability arises due to improper neutralization of special elements used in a command within the 'open_file' function. An attacker can exploit this vulnerability by crafting a malicious file path that, when
Source: nvd
CVE-2024-2358 | CRITICAL | CVSS 9.8 | CWE-29 | affected: ≥ unspecified, ≤ latest | 2024-05-16
A path traversal vulnerability in the '/apply_settings' endpoint of parisneo/lollms-webui allows attackers to execute arbitrary code. The vulnerability arises due to insufficient sanitization of user-supplied input in the configuration settings, specifically within the 'extensions' parameter. Attackers can exploit this by crafting a payload that incl
Source: nvd
CVE-2024-2366 | CRITICAL | CVSS 9.0 | CWE-77 | affected: ≥ unspecified, ≤ latest | 2024-05-16
A remote code execution vulnerability exists in the parisneo/lollms-webui application, specifically within the reinstall_binding functionality in lollms_core/lollms/server/endpoints/lollms_binding_infos.py of the latest version. The vulnerability arises due to insufficient path sanitization, allowing an attacker to exploit path traversal to navigate t
Source: nvd
CVE-2024-2361 | CRITICAL | CVSS 9.6 | CWE-29 | affected: ≥ unspecified, ≤ latest | 2024-05-16
A vulnerability in the parisneo/lollms-webui allows for arbitrary file upload and read due to insufficient sanitization of user-supplied input. Specifically, the issue resides in the `install_model()` function within `lollms_core/lollms/binding.py`, where the application fails to properly sanitize the `file://` protocol and other inputs, leading to a
Source: nvd
CVE-2024-4326 | CRITICAL | CVSS 9.8 | CWE-15 | affected: ≥ unspecified, < 9.5 | 2024-05-16
A vulnerability in parisneo/lollms-webui versions up to 9.3 allows remote attackers to execute arbitrary code. The vulnerability stems from insufficient protection of the `/apply_settings` and `/execute_code` endpoints. Attackers can bypass protections by setting the host to localhost, enabling code execution, and disabling code validation through th
Source: nvd
CVE-2024-3126 | HIGH | CVSS 8.4 | CWE-78 | affected: ≥ unspecified, < 9.5 | 2024-05-16
A command injection vulnerability exists in the 'run_xtts_api_server' function of the parisneo/lollms-webui application, specifically within the 'lollms_xtts.py' script. The vulnerability arises due to the improper neutralization of special elements used in an OS command. The affected function utilizes 'subprocess.Popen' to execute a command constructed
Source: nvd
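The entry above (and CVE-2024-4267's `open_file` earlier on this page) is the classic Python shape of CWE-78: user input formatted into a single command string that `subprocess` hands to a shell. The following is an added example, not code from lollms-webui, that puts the injectable pattern next to the safe one. Instead of a real XTTS server it launches the current interpreter with `-c pass`, which exits silently and ignores extra arguments, so the demonstration is harmless; `build_argv`, `HOST_RE` and the `--host`/`--port` flags are assumptions for illustration. The injection demo relies on a POSIX shell (`;` is a command separator there).

```python
import re
import subprocess
import sys

# Harmless stand-in for the server script: exits immediately, ignores its arguments.
SERVER = [sys.executable, "-c", "pass"]

# Hostnames and dotted IPv4 only; nothing a shell cares about can pass this.
HOST_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9.-]{0,253}[A-Za-z0-9])?$")


def run_unsafe(host: str, port: str) -> str:
    """The pattern the advisory describes: inputs formatted into one string that a
    shell parses. Returns what the shell printed."""
    cmd = f'"{SERVER[0]}" -c pass --host {host} --port {port}'
    done = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return done.stdout


def build_argv(host: str, port) -> list[str]:
    """Validated argument vector; no element is ever parsed by a shell."""
    if not HOST_RE.fullmatch(host):
        raise ValueError(f"invalid host: {host!r}")
    try:
        port_num = int(port)
    except (TypeError, ValueError):
        raise ValueError(f"invalid port: {port!r}") from None
    if not 1 <= port_num <= 65535:
        raise ValueError(f"port out of range: {port_num}")
    return [*SERVER, "--host", host, "--port", str(port_num)]


def run_safe(host: str, port) -> str:
    """Same launch with an argv list and no shell; metacharacters are just bytes."""
    argv = build_argv(host, port)
    done = subprocess.run(argv, capture_output=True, text=True)
    return done.stdout


def injection_succeeds(payload_host: str = "127.0.0.1; echo INJECTED") -> bool:
    """True when the shell executed the injected command (POSIX shells)."""
    return "INJECTED" in run_unsafe(payload_host, "8020")


def injection_blocked(payload_host: str = "127.0.0.1; echo INJECTED") -> bool:
    """True when validation refuses the payload before anything is launched."""
    try:
        run_safe(payload_host, "8020")
    except ValueError:
        return True
    return False
```

Both halves of the fix matter: dropping `shell=True` removes the interpreter that turns `;` into a second command, and the allowlist regex stops a hostile value from reaching the child process as an argument it might itself misinterpret (for instance a value starting with `-`).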