Exploit Database
133,554 exploits tracked across all sources.
jmcginty15/Solar-system-simulator <2021-07-26 - Path Traversal
The jmcginty15/Solar-system-simulator repository through 2021-07-26 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
jaygarza1982/ytdl-sync <2021-01-02 - Path Traversal
The jaygarza1982/ytdl-sync repository through 2021-01-02 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
freefood89/Fishtank <2015-06-24 - Path Traversal
The freefood89/Fishtank repository through 2015-06-24 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
echoleegroup/PythonWeb <2018-10-31 - Path Traversal
The echoleegroup/PythonWeb repository through 2018-10-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
decentraminds/umbral <2020-01-15 - Path Traversal
The decentraminds/umbral repository through 2020-01-15 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
dankolbman/travel_blahg <2016-01-16 - Path Traversal
The dankolbman/travel_blahg repository through 2016-01-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
dainst/cilantro <0.0.4 - Path Traversal
The dainst/cilantro repository through 0.0.4 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
csm-aut/csm <3.5 - Path Traversal
The csm-aut/csm repository through 3.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
cinemaproject/monorepo <2021-03-03 - Path Traversal
The cinemaproject/monorepo repository through 2021-03-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
Bonn-Activity-Maps bam-annotation-tool - Path Traversal
The bonn-activity-maps/bam_annotation_tool repository through 2021-08-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
Wildog/flask-file-server <2020-02-20 - Path Traversal
The Wildog/flask-file-server repository through 2020-02-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
ThundeRatz/ThunderDocs <2020-05-01 - Path Traversal
The ThundeRatz/ThunderDocs repository through 2020-05-01 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
SummaLabs/DLS <0.1.0 - Path Traversal
The SummaLabs/DLS repository through 0.1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
PureStorage-OpenConnect/swagger <1.1.5 - Path Traversal
The PureStorage-OpenConnect/swagger repository through 1.1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
PaddlePaddle/Anakin <0.1.1 - Path Traversal
The PaddlePaddle/Anakin repository through 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
NotVinay/karaokey <2019-12-11 - Path Traversal
The NotVinay/karaokey repository through 2019-12-11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
Niyaz-Mohamed/mosaic <1.0.0 - Path Traversal
The Niyaz-Mohamed/mosaic repository through 1.0.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
Luxas98/logstash-management-api <2020-05-04 - Path Traversal
The Luxas98/logstash-management-api repository through 2020-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
Lukasavicus/WindMill <1.0 - Path Traversal
The Lukasavicus/WindMill repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
JustAnotherSoftwareDeveloper/Python-Recipe-Database <2021-03-31 - P...
The JustAnotherSoftwareDeveloper/Python-Recipe-Database repository through 2021-03-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
HolgerGraef/MSM <2021-04-20 - Path Traversal
The HolgerGraef/MSM repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
Harveyzyh/Python <2022-05-04 - Path Traversal
The Harveyzyh/Python repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
Delor4/CarceresBE <1.0 - Path Traversal
The Delor4/CarceresBE repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
Caoyongqi912/Fan_Platform <2021-04-20 - Path Traversal
The Caoyongqi912/Fan_Platform repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
BolunHan/Krypton <2021-06-03 - Path Traversal
The BolunHan/Krypton repository through 2021-06-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
By Source