📦 Chuanhuchatgpt
by Gaizhenbiao
⚠️ Known Vulnerabilities
This vulnerability allows attackers to overwrite critical configuration files in gaizhenbiao/chuanhuchatgpt, potentially altering system behavior, security settings, or causing denial of service. User...
This vulnerability in gaizhenbiao/chuanhuchatgpt allows any user to restart the server by sending a specific request to the /queue/join? endpoint with fn_index:66. This can cause service disruption, d...
This SSRF vulnerability in ChuanhuChatGPT's upload processing interface allows attackers to make the server send requests to internal or external resources, potentially accessing sensitive data or byp...
This authentication bypass vulnerability in ChuanhuChatGPT allows attackers to read and delete other users' chat histories by manipulating username parameters in HTTP requests. Any deployment of the a...
An arbitrary file read vulnerability in gaizhenbiao/chuanhuchatgpt version 20240628 allows attackers to read sensitive files on the server by exploiting insufficient validation of prompt template file...
This vulnerability allows any user to delete any JSON file on the server through directory traversal attacks due to improper path validation. It affects gaizhenbiao/chuanhuchatgpt version 20240410, po...
A path traversal vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to delete other users' chat histories and any .json files on the system. This can cause denial of service ...
This timing attack vulnerability in gaizhenbiao/chuanhuchatgpt allows attackers to guess passwords by measuring how long password comparisons take. Attackers can exploit this to compromise user accoun...
CVE-2024-4520 allows any user on the gaizhenbiao/chuanhuchatgpt server to access other users' chat histories without authorization. It affects all users of version 20240410 of this ...
A Local File Inclusion vulnerability in gaizhenbiao/chuanhuchatgpt version 20240310 allows attackers to read arbitrary files on the server by manipulating the 'name' parameter during chat history uplo...
A Denial of Service vulnerability in gaizhenbiao/chuanhuchatgpt allows attackers to crash the service by uploading files with excessively long filenames. This affects all users running version 2024091...
A Server-Side Request Forgery (SSRF) vulnerability in gaizhenbiao/chuanhuchatgpt allows attackers to make the application send requests to internal systems by manipulating URL responses. This affects ...
A stored cross-site scripting (XSS) vulnerability in the gaizhenbiao/chuanhuchatgpt repository allows attackers to inject malicious JavaScript via improperly sanitized HTML tags in chat history upload...
This CVE describes a Regular Expression Denial of Service (ReDoS) vulnerability in gaizhenbiao/chuanhuchatgpt where a regex pattern used to parse user input can be exploited to cause excessive CPU con...
This vulnerability allows unauthenticated attackers to read arbitrary files on servers running vulnerable versions of gaizhenbiao/chuanhuchatgpt. The issue stems from improper input validation in the ...
A stored XSS vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows attackers to inject malicious JavaScript into chat history files. When victims upload these files, the script executes ...
This vulnerability allows attackers to upload malicious files to the gaizhenbiao/chuanhuchatgpt application due to insufficient file validation. Attackers can upload HTML files with XSS payloads or Py...
This vulnerability allows authenticated attackers to bypass access controls and read other users' chat history files in the gaizhenbiao/chuanhuchatgpt application. It affects users of version 20240121...