20240410

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-29	CVE-2024-5982	Path Traversal vulnerability in Gaizhenbiao Chuanhuchatgpt A path traversal vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. network low complexity gaizhenbiao CWE-22 critical	9.8
2024-07-31	CVE-2024-6255	Unspecified vulnerability in Gaizhenbiao Chuanhuchatgpt 20240410 A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to delete any JSON file on the server, including critical configuration files such as `config.json` and `ds_config_chatbot.json`. network low complexity gaizhenbiao critical	9.1
2024-07-11	CVE-2024-6035	Unspecified vulnerability in Gaizhenbiao Chuanhuchatgpt 20240410 A Stored Cross-Site Scripting (XSS) vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240410. network low complexity gaizhenbiao	6.1
2024-06-06	CVE-2024-3402	Cross-site Scripting vulnerability in Gaizhenbiao Chuanhuchatgpt A stored Cross-Site Scripting (XSS) vulnerability existed in version (20240121) of gaizhenbiao/chuanhuchatgpt due to inadequate sanitization and validation of model output data. network low complexity gaizhenbiao CWE-79	5.4
2024-06-06	CVE-2024-3404	Unspecified vulnerability in Gaizhenbiao Chuanhuchatgpt In gaizhenbiao/chuanhuchatgpt, specifically the version tagged as 20240121, there exists a vulnerability due to improper access control mechanisms. network low complexity gaizhenbiao	6.5
2024-06-06	CVE-2024-5124	Information Exposure Through Discrepancy vulnerability in Gaizhenbiao Chuanhuchatgpt A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically within the password comparison logic. network low complexity gaizhenbiao CWE-203	7.5
2024-06-06	CVE-2024-5278	Unspecified vulnerability in Gaizhenbiao Chuanhuchatgpt gaizhenbiao/chuanhuchatgpt is vulnerable to an unrestricted file upload vulnerability due to insufficient validation of uploaded file types in its `/upload` endpoint. network low complexity gaizhenbiao	6.1
2024-06-04	CVE-2024-4520	Unspecified vulnerability in Gaizhenbiao Chuanhuchatgpt An improper access control vulnerability exists in the gaizhenbiao/chuanhuchatgpt application, specifically in version 20240410. network low complexity gaizhenbiao	7.5