Gaizhenbiao Chuanhuchatgpt

32 CVEs affecting Gaizhenbiao Chuanhuchatgpt. Latest disclosed: 2025-03-20. Critical: 6, High: 13.

Top CVEs affecting Gaizhenbiao Chuanhuchatgpt
CVESeverityScorePublishedSummary
CVE-2024-5982Critical9.82024-10-29A path traversal vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability arises from unsanitized input handling in multiple…
CVE-2024-5822Critical9.82024-06-27A Server-Side Request Forgery (SSRF) vulnerability exists in the upload processing interface of gaizhenbiao/ChuanhuChatGPT versions <= ChuanhuChatGPT-20240410-…
CVE-2024-3234Critical9.82024-06-06The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its use of an outdated gradio component. The application is designed…
CVE-2024-5823Critical9.12024-10-29A file overwrite vulnerability exists in gaizhenbiao/chuanhuchatgpt versions <= 20240410. This vulnerability allows an attacker to gain unauthorized access to…
CVE-2024-6037Critical9.12024-07-10A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create arbitrary folders at any location on the server, including the root…
CVE-2024-6036Critical9.12024-07-10A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to restart the server at will by sending a specific request to the `/queue/join?…
CVE-2024-8613High8.82025-03-20A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240802 allows attackers to access, copy, and delete other users' chat histories. This issue arises due…
CVE-2024-6255High8.22024-07-31A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to delete any JSON file on the server, including criti…
CVE-2024-9216High8.12025-03-20An authentication bypass vulnerability exists in gaizhenbiao/ChuanhuChatGPT, as of commit 3856d4f, allowing any user to read and delete other users' chat histo…
CVE-2024-10650High7.52025-03-20An unauthenticated Denial of Service (DoS) vulnerability was identified in ChuanhuChatGPT version 20240918, which could be exploited by sending large data payl…
CVE-2024-7962High7.52024-10-29An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to insufficient validation when loading prompt template files. A…
CVE-2024-7807High7.52024-10-29A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240628 allows for a Denial of Service (DOS) attack. When uploading a file, if an attacker appends a lar…
CVE-2024-6090High7.52024-06-27A path traversal vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240410, allowing any user to delete other users' chat histories. This vulnerabili…
CVE-2024-6038High7.52024-06-27A Regular Expression Denial of Service (ReDoS) vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability is located in the fi…
CVE-2024-5124High7.52024-06-06A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically within the password comparison logic. The vulnerability is pres…
CVE-2024-4520High7.52024-06-04An improper access control vulnerability exists in the gaizhenbiao/chuanhuchatgpt application, specifically in version 20240410. This vulnerability allows any…
CVE-2024-4321High7.52024-05-16A Local File Inclusion (LFI) vulnerability exists in the gaizhenbiao/chuanhuchatgpt application, specifically within the functionality for uploading chat histo…
CVE-2024-2217High7.52024-04-10gaizhenbiao/chuanhuchatgpt is vulnerable to improper access control, allowing unauthorized access to the `config.json` file. This vulnerability is present in b…
CVE-2023-34094High7.52023-06-02ChuanhuChatGPT is a graphical user interface for ChatGPT and many large language models. A vulnerability in versions 20230526 and prior allows unauthorized acc…
CVE-2025-0191Medium6.52025-03-20A Denial of Service (DoS) vulnerability exists in the file upload feature of gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerability is due to improper…