Exploit Database
133,554 exploits tracked across all sources.
Waveyan Internship System <2018-05-22 - Path Traversal
The waveyan/internshipsystem repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
varijkapil13/Sphere_ImageBackend <2019-10-03 - Path Traversal
The varijkapil13/Sphere_ImageBackend repository through 2019-10-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
UncleYiba/photo_tag <2020-08-31 - Path Traversal
The uncleYiba/photo_tag repository through 2020-08-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
tsileo/flask-yeoman <2013-09-13 - Path Traversal
The tsileo/flask-yeoman repository through 2013-09-13 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
Tooxie/Shiva-Server <0.10.0 - Path Traversal
The tooxie/shiva-server repository through 0.10.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
seveas/golem <2016-05-17 - Path Traversal
The seveas/golem repository through 2016-05-17 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
rusyasoft/TrainEnergyServer <2017-08-03 - Path Traversal
The rusyasoft/TrainEnergyServer repository through 2017-08-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
Romain20100/NurseQuest <2018-02-22 - Path Traversal
The romain20100/nursequest repository through 2018-02-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
rohitnayak/movie-review-sentiment-analysis <2017-05-07 - Path Trave...
The rohitnayak/movie-review-sentiment-analysis repository through 2017-05-07 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
rainsoupah/sleep-learner <2021-02-21 - Path Traversal
The rainsoupah/sleep-learner repository through 2021-02-21 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
project-anuvaad/anuvaad-corpus <2020-11-23 - Path Traversal
The project-anuvaad/anuvaad-corpus repository through 2020-11-23 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
pleomax00/flask-mongo-skel <2012-11-01 - Path Traversal
The pleomax00/flask-mongo-skel repository through 2012-11-01 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
olmax99/pyathenastack <2019-11-08 - Path Traversal
The olmax99/pyathenastack repository through 2019-11-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
olmax99/helm-flask-celery <2022-05-25 - Path Traversal
The olmax99/helm-flask-celery repository before 2022-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
nrlakin/homepage <2017-03-06 - Path Traversal
The nrlakin/homepage repository through 2017-03-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
noamezekiel/sphere <2020-05-31 - Path Traversal
The noamezekiel/sphere repository through 2020-05-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
nlpweb/glance <2014-06-27 - Path Traversal
The nlpweb/glance repository through 2014-06-27 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
ml-inory/ModelConverter <2021-04-26 - Path Traversal
The ml-inory/ModelConverter repository through 2021-04-26 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
meerstein/rbtm <1.5 - Path Traversal
The meerstein/rbtm repository through 1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
maxtortime/SetupBox <1.0 - Path Traversal
The maxtortime/SetupBox repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
Mandoku/mdweb <2015-05-07 - Path Traversal
The mandoku/mdweb repository through 2015-05-07 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
lyubolp/Barry-Voice-Assistant <2021-01-18 - Path Traversal
The lyubolp/Barry-Voice-Assistant repository through 2021-01-18 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
kumardeepak/hin-eng-preprocessing <2019-07-16 - Path Traversal
The kumardeepak/hin-eng-preprocessing repository through 2019-07-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
kotekan/kotekan <2021.11 - Path Traversal
The kotekan/kotekan repository through 2021.11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
joaopedro-fg/mp-m08-interface <2020-12-10 - Path Traversal
The joaopedro-fg/mp-m08-interface repository through 2020-12-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
By Source