Vulnerabilities > Trainenergyserver Project

DATE CVE VULNERABILITY TITLE RISK
2022-07-11 CVE-2022-31556 Path Traversal vulnerability in Trainenergyserver Project Trainenergyserver
The rusyasoft/TrainEnergyServer repository through 2017-08-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
trainenergyserver-project CWE-22
6.4