Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ParisNeo — Vulnerabilities & Security Advisories 82

Browse all 82 CVE security advisories affecting ParisNeo. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Parisneo operates as a provider of digital signage and information display solutions, primarily targeting commercial and public sector environments for content management and advertising. Security audits have identified a significant history of vulnerabilities, with eighty-two Common Vulnerabilities and Exposures (CVEs) currently documented. These flaws predominantly involve remote code execution, cross-site scripting, and authentication bypasses, often stemming from inadequate input validation and weak access controls within the web-based management interfaces. Notable incidents include the exploitation of unpatched endpoints to gain administrative privileges, allowing attackers to manipulate displayed content or execute arbitrary commands on underlying systems. The high volume of disclosed issues suggests persistent challenges in secure coding practices and timely patch management. Organizations deploying Parisneo infrastructure must prioritize rigorous network segmentation and continuous vulnerability monitoring to mitigate the risk of unauthorized system access and data compromise inherent in these legacy and current software versions.

Top products by ParisNeo: parisneo/lollms-webui parisneo/lollms lollms-webui
CVE IDTitleCVSSSeverityPublished
CVE-2024-6985 Path Traversal in api open_personality_folder in parisneo/lollms-webui — parisneo/lollmsCWE-23 7.5AIHighAI2024-10-11
CVE-2024-6971 Path Traversal in parisneo/lollms-webui — parisneo/lollmsCWE-22 8.4AIHighAI2024-10-11
CVE-2024-6394 Local File Inclusion in parisneo/lollms-webui — parisneo/lollms-webuiCWE-29 7.5 -2024-09-30
CVE-2024-6040 Missing client_id in parisneo/lollms-webui — parisneo/lollmsCWE-352 8.8AIHighAI2024-08-01
CVE-2024-6281 Path Traversal in parisneo/lollms — parisneo/lollmsCWE-22 7.5 -2024-07-20
CVE-2024-4897 Remote Code Execution in parisneo/lollms-webui — parisneo/lollms-webuiCWE-76 9.8AICriticalAI2024-07-02
CVE-2024-5933 Cross-site Scripting (XSS) in parisneo/lollms-webui — parisneo/lollms-webuiCWE-79 6.1AIMediumAI2024-06-27
CVE-2024-6139 Path Traversal in parisneo/lollms — parisneo/lollmsCWE-29 5.3AIMediumAI2024-06-27
CVE-2024-5824 Path Traversal in parisneo/lollms — parisneo/lollmsCWE-22 9.8AICriticalAI2024-06-27
CVE-2024-6085 Path Traversal in parisneo/lollms — parisneo/lollmsCWE-22 9.1AICriticalAI2024-06-27
CVE-2024-6250 Absolute Path Traversal in parisneo/lollms-webui — parisneo/lollms-webuiCWE-36 7.5AIHighAI2024-06-27
CVE-2024-4498 Path Traversal and RFI Vulnerability in parisneo/lollms-webui — parisneo/lollms-webuiCWE-22 7.5AIHighAI2024-06-25
CVE-2024-4839 CSRF in Servers Configurations in parisneo/lollms-webui — parisneo/lollms-webuiCWE-352 8.8AIHighAI2024-06-24
CVE-2024-4499 CSRF Vulnerability in parisneo/lollms XTTS Server — parisneo/lollmsCWE-352 8.1AIHighAI2024-06-24
CVE-2024-3121 Remote Code Execution in create_conda_env function in parisneo/lollms — parisneo/lollmsCWE-94 9.8 -2024-06-24
CVE-2024-4841 Path Traversal in parisneo/lollms-webui — parisneo/lollms-webuiCWE-29 7.5 -2024-06-23
CVE-2024-5443 Remote Code Execution via Path Traversal in parisneo/lollms — parisneo/lollmsCWE-29 9.1 -2024-06-22
CVE-2024-4315 LFI Vulnerability due to Lack of Path Sanitization in parisneo/lollms — parisneo/lollmsCWE-22 9.8AICriticalAI2024-06-12
CVE-2024-4403 CSRF in restart_program in parisneo/lollms-webui — parisneo/lollms-webuiCWE-352 8.1 -2024-06-10
CVE-2024-4328 CSRF in clear_personality_files_list in parisneo/lollms-webui — parisneo/lollms-webuiCWE-352 8.1 -2024-06-10
CVE-2024-2359 Improper Neutralization of Special Elements used in an OS Command in parisneo/lollms-webui — parisneo/lollms-webuiCWE-78 9.8AICriticalAI2024-06-06
CVE-2024-2360 Path Traversal leading to Remote Code Execution in parisneo/lollms-webui — parisneo/lollms-webuiCWE-29 9.8AICriticalAI2024-06-06
CVE-2024-3429 Path Traversal in parisneo/lollms — parisneo/lollmsCWE-29 9.1AICriticalAI2024-06-06
CVE-2024-3322 Path Traversal in parisneo/lollms-webui — parisneo/lollms-webuiCWE-22 9.3AICriticalAI2024-06-06
CVE-2024-1873 Path Traversal and Denial of Service in parisneo/lollms-webui — parisneo/lollms-webuiCWE-22 7.5AIHighAI2024-06-06
CVE-2024-2288 CSRF File Upload Vulnerability in parisneo/lollms-webui — parisneo/lollms-webuiCWE-352 7.1AIHighAI2024-06-06
CVE-2024-4320 Remote Code Execution due to LFI in '/install_extension' in parisneo/lollms-webui — parisneo/lollms-webuiCWE-29 9.8AICriticalAI2024-06-06
CVE-2024-4881 Path Traversal in parisneo/lollms — parisneo/lollmsCWE-36 9.1AICriticalAI2024-06-06
CVE-2024-2624 Path Traversal and Arbitrary File Upload Vulnerability in parisneo/lollms-webui — parisneo/lollms-webuiCWE-29 9.1AICriticalAI2024-06-06
CVE-2024-2548 Path Traversal in parisneo/lollms-webui — parisneo/lollms-webuiCWE-36 6.2AIMediumAI2024-06-06

This page lists every published CVE security advisory associated with ParisNeo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.