CVE-2025-0191

all versions

A Denial of Service (DoS) vulnerability exists in the file upload feature of gaizhenbiao/chuanhuchatgpt version 20240914. The vuln

6.5MEDIUM

CVE-2025-0188

all versions

A Server-Side Request Forgery (SSRF) vulnerability was discovered in gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerabilit

6.5MEDIUM

CVE-2024-9216

all versions

An authentication bypass vulnerability exists in gaizhenbiao/ChuanhuChatGPT, as of commit 3856d4f, allowing any user to read and d

8.1HIGH

CVE-2024-9159

all versions

An incorrect authorization vulnerability exists in gaizhenbiao/chuanhuchatgpt version git c91dbfc. The vulnerability allows any us

6.5MEDIUM

CVE-2024-9107

all versions

A stored cross-site scripting (XSS) vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, affecting version git 20b2e

5.4MEDIUM

CVE-2024-8613

all versions

A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240802 allows attackers to access, copy, and delete other users' chat hist

8.8HIGH

CVE-2024-8400

< 20240410

A stored cross-site scripting (XSS) vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability al

5.4MEDIUM

CVE-2024-10955

all versions

A Regular Expression Denial of Service (ReDoS) vulnerability exists in gaizhenbiao/chuanhuchatgpt, as of commit 20b2e02. The serve

6.5MEDIUM

CVE-2024-10707

all versions

gaizhenbiao/chuanhuchatgpt version git d4ec6a3 is affected by a local file inclusion vulnerability due to the use of the gradio co

6.5MEDIUM

CVE-2024-10650

all versions

An unauthenticated Denial of Service (DoS) vulnerability was identified in ChuanhuChatGPT version 20240918, which could be exploit

7.5HIGH

CVE-2024-48059

<= 20240802

gaizhenbiao/chuanhuchatgpt project, version <=20240802 is vulnerable to stored Cross-Site Scripting (XSS) in WebSocket session tra

6.1MEDIUM

CVE-2024-8143

all versions

In the latest version (20240628) of gaizhenbiao/chuanhuchatgpt, an issue exists in the /file endpoint that allows authenticated us

4.3MEDIUM

CVE-2024-7962

all versions

An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to insufficient validation when loa

7.5HIGH

CVE-2024-7807

all versions

A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240628 allows for a Denial of Service (DOS) attack. When uploading a file,

7.5HIGH

CVE-2024-5982

< 20240918

A path traversal vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability arises from unsanitiz

9.8CRITICAL

CVE-2024-5823

<= 2024-04-10

A file overwrite vulnerability exists in gaizhenbiao/chuanhuchatgpt versions <= 20240410. This vulnerability allows an attacker to

9.1CRITICAL

CVE-2024-6255

all versions

A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to delete any JSON file o

8.2HIGH

CVE-2024-6035

all versions

A Stored Cross-Site Scripting (XSS) vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240410. This vulnerability allows

6.1MEDIUM

CVE-2024-6037

all versions

A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create arbitrary folders at any location on t

9.1CRITICAL

CVE-2024-6036

all versions

A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to restart the server at will by sending a specific

9.1CRITICAL

CVE-2024-6090

all versions

A path traversal vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240410, allowing any user to delete other users' cha

7.5HIGH

CVE-2024-6038

all versions

A Regular Expression Denial of Service (ReDoS) vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulne

7.5HIGH

CVE-2024-5822

all versions

A Server-Side Request Forgery (SSRF) vulnerability exists in the upload processing interface of gaizhenbiao/ChuanhuChatGPT version

9.8CRITICAL

CVE-2024-5278

< 20240919

gaizhenbiao/chuanhuchatgpt is vulnerable to an unrestricted file upload vulnerability due to insufficient validation of uploaded f

6.1MEDIUM

CVE-2024-5124

< 20240628

A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically within the password comparison log

7.5HIGH

CVE-2024-3404

< 20240919-4

In gaizhenbiao/chuanhuchatgpt, specifically the version tagged as 20240121, there exists a vulnerability due to improper access co

6.5MEDIUM

CVE-2024-3402

< 20240918

A stored Cross-Site Scripting (XSS) vulnerability existed in version (20240121) of gaizhenbiao/chuanhuchatgpt due to inadequate sa

5.4MEDIUM

CVE-2024-3234

< 20240305

The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its use of an outdated gradio component

9.8CRITICAL

CVE-2024-4520

<= 20240410

An improper access control vulnerability exists in the gaizhenbiao/chuanhuchatgpt application, specifically in version 20240410. T

7.5HIGH

CVE-2024-4321

all versions

A Local File Inclusion (LFI) vulnerability exists in the gaizhenbiao/chuanhuchatgpt application, specifically within the functiona

7.5HIGH

CVE-2024-2217

all versions

gaizhenbiao/chuanhuchatgpt is vulnerable to improper access control, allowing unauthorized access to the config.json file. This

7.5HIGH

CVE-2023-34094

<= 2023-05-26

ChuanhuChatGPT is a graphical user interface for ChatGPT and many large language models. A vulnerability in versions 20230526 and

7.5HIGH