|
4221
|
7.3 |
HIGH
Network
|
-
|
-
|
Se ha encontrado una vulnerabilidad en PromtEngineer localGPT hasta 4d41c7d1713b16b216d8e062e51a5dd88b20b054. El elemento afectado es la función do_POST del archivo backend/servidor.py. Esta manipula…
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-5001
|
2026-04-25 01:36 |
2026-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4222
|
6.3 |
MEDIUM
Network
|
-
|
-
|
Se detectó una vulnerabilidad en elecV2 elecV2P hasta 3.8.3. Esta vulnerabilidad afecta la función runJSFile del archivo /webhook del componente JSON Parser. Realizar una manipulación del argumento r…
|
CWE-74
CWE-94
Injection
Code Injection
|
CVE-2026-5011
|
2026-04-25 01:36 |
2026-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4223
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in elecV2 elecV2P up to 3.8.3. This issue affects the function pm2run of the file /rpc. Executing a manipulation can lead to os command injection. The attack can be executed rem…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-5012
|
2026-04-25 01:36 |
2026-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4224
|
7.3 |
HIGH
Network
|
-
|
-
|
Se ha encontrado una falla en elecV2 elecV2P hasta la versión 3.8.3. Este problema afecta a la función pm2run del archivo /rpc. La ejecución de una manipulación puede llevar a una inyección de comand…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-5012
|
2026-04-25 01:36 |
2026-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4225
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The impacted element is the function _route_using_overviews of the file backend/server.py of t…
|
CWE-74
CWE-707
Injection
Improper Enforcement of Message or Data Structure
|
CVE-2026-5002
|
2026-04-25 01:36 |
2026-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4226
|
7.3 |
HIGH
Network
|
-
|
-
|
Se ha encontrado una vulnerabilidad en PromtEngineer localGPT hasta 4d41c7d1713b16b216d8e062e51a5dd88b20b054. El elemento afectado es la función _route_using_overviews del archivo backend/server.py d…
|
CWE-74
CWE-707
Injection
Improper Enforcement of Message or Data Structure
|
CVE-2026-5002
|
2026-04-25 01:36 |
2026-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4227
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. This affects the function handle_index of the file rag_system/api_server.py of the component Web In…
|
CWE-200
CWE-284
Information Exposure
Improper Access Control
|
CVE-2026-5003
|
2026-04-25 01:36 |
2026-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4228
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Se encontró una vulnerabilidad en PromtEngineer localGPT hasta 4d41c7d1713b16b216d8e062e51a5dd88b20b054. Esto afecta la función handle_index del archivo rag_system/api_server.py del componente Interf…
|
CWE-200
CWE-284
Information Exposure
Improper Access Control
|
CVE-2026-5003
|
2026-04-25 01:36 |
2026-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4229
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in elecV2 elecV2P up to 3.8.3. Impacted is the function path.join of the file /store/:key. The manipulation of the argument URL leads to path traversal. The attack is p…
|
CWE-22
Path Traversal
|
CVE-2026-5013
|
2026-04-25 01:36 |
2026-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4230
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Se ha encontrado una vulnerabilidad en elecV2 elecV2P hasta la versión 3.8.3. Se ve afectada la función path.join del archivo /store/:key. La manipulación del argumento URL conduce a un salto de ruta…
|
CWE-22
Path Traversal
|
CVE-2026-5013
|
2026-04-25 01:36 |
2026-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
