Writeup Exploits
54,084 exploits tracked across all sources.
adriankoczuruek/ceneo-web-scrapper <2021-03-15 - Path Traversal
The adriankoczuruek/ceneo-web-scrapper repository through 2021-03-15 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.8
Rexians/rex-web <2022-06-05 - Path Traversal
The Rexians/rex-web repository through 2022-06-05 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
DSABenchmark/DSAB <2.1 - Path Traversal
The DSABenchmark/DSAB repository through 2.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
DSAB-local/DSAB <2019-02-18 - Path Traversal
The DSAB-local/DSAB repository through 2019-02-18 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 8.6
yogson/syrabond <2020-05-25 - Path Traversal
The yogson/syrabond repository through 2020-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
woduq1414/munhak-moa <2022-05-03 - Path Traversal
The woduq1414/munhak-moa repository before 2022-05-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
whmacmac/vprj <2022-04-06 - Path Traversal
The whmacmac/vprj repository through 2022-04-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
Waveyan Internship System <2018-05-22 - Path Traversal
The waveyan/internshipsystem repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
varijkapil13/Sphere_ImageBackend <2019-10-03 - Path Traversal
The varijkapil13/Sphere_ImageBackend repository through 2019-10-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
UncleYiba/photo_tag <2020-08-31 - Path Traversal
The uncleYiba/photo_tag repository through 2020-08-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
tsileo/flask-yeoman <2013-09-13 - Path Traversal
The tsileo/flask-yeoman repository through 2013-09-13 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
Tooxie/Shiva-Server <0.10.0 - Path Traversal
The tooxie/shiva-server repository through 0.10.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
seveas/golem <2016-05-17 - Path Traversal
The seveas/golem repository through 2016-05-17 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
rusyasoft/TrainEnergyServer <2017-08-03 - Path Traversal
The rusyasoft/TrainEnergyServer repository through 2017-08-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
Romain20100/NurseQuest <2018-02-22 - Path Traversal
The romain20100/nursequest repository through 2018-02-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
rohitnayak/movie-review-sentiment-analysis <2017-05-07 - Path Trave...
The rohitnayak/movie-review-sentiment-analysis repository through 2017-05-07 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
rainsoupah/sleep-learner <2021-02-21 - Path Traversal
The rainsoupah/sleep-learner repository through 2021-02-21 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
project-anuvaad/anuvaad-corpus <2020-11-23 - Path Traversal
The project-anuvaad/anuvaad-corpus repository through 2020-11-23 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
pleomax00/flask-mongo-skel <2012-11-01 - Path Traversal
The pleomax00/flask-mongo-skel repository through 2012-11-01 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
olmax99/pyathenastack <2019-11-08 - Path Traversal
The olmax99/pyathenastack repository through 2019-11-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
olmax99/helm-flask-celery <2022-05-25 - Path Traversal
The olmax99/helm-flask-celery repository before 2022-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
nrlakin/homepage <2017-03-06 - Path Traversal
The nrlakin/homepage repository through 2017-03-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
noamezekiel/sphere <2020-05-31 - Path Traversal
The noamezekiel/sphere repository through 2020-05-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
nlpweb/glance <2014-06-27 - Path Traversal
The nlpweb/glance repository through 2014-06-27 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
ml-inory/ModelConverter <2021-04-26 - Path Traversal
The ml-inory/ModelConverter repository through 2021-04-26 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
CVSS 9.3
By Source