Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

parisneo — Vulnerabilities & Security Advisories 82

Browse all 82 CVE security advisories affecting parisneo. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Parisneo operates as a provider of digital signage and information display solutions, primarily targeting commercial and public sector environments for content management and advertising. Security audits have identified a significant history of vulnerabilities, with eighty-two Common Vulnerabilities and Exposures (CVEs) currently documented. These flaws predominantly involve remote code execution, cross-site scripting, and authentication bypasses, often stemming from inadequate input validation and weak access controls within the web-based management interfaces. Notable incidents include the exploitation of unpatched endpoints to gain administrative privileges, allowing attackers to manipulate displayed content or execute arbitrary commands on underlying systems. The high volume of disclosed issues suggests persistent challenges in secure coding practices and timely patch management. Organizations deploying Parisneo infrastructure must prioritize rigorous network segmentation and continuous vulnerability monitoring to mitigate the risk of unauthorized system access and data compromise inherent in these legacy and current software versions.

Found 53 results / 82Clear Filters
Top products by parisneo: parisneo/lollms-webui parisneo/lollms lollms-webui
CVE IDTitleCVSSSeverityPublished
CVE-2024-2356 Remote Code Execution due to LFI in '/reinstall_extension' in parisneo/lollms-webui — parisneo/lollms-webuiCWE-29 9.8AICriticalAI2026-02-02
CVE-2024-12766 SSRF in parisneo/lollms-webui — parisneo/lollms-webuiCWE-918 9.8 -2025-03-20
CVE-2024-8736 Denial of Service (DoS) via Multipart Boundary in parisneo/lollms-webui — parisneo/lollms-webuiCWE-352 6.5 -2025-03-20
CVE-2024-8898 Path Traversal in parisneo/lollms-webui — parisneo/lollms-webuiCWE-22 9.1 -2025-03-20
CVE-2025-1451 Insufficient Patch Leading to DoS in parisneo/lollms-webui — parisneo/lollms-webuiCWE-770 7.5 -2025-03-20
CVE-2024-6986 Cross-site Scripting (XSS) in parisneo/lollms-webui — parisneo/lollms-webuiCWE-79 5.4 -2025-03-20
CVE-2024-10019 Path Traversal and OS Command Injection in parisneo/lollms-webui — parisneo/lollms-webuiCWE-78 9.8 -2025-03-20
CVE-2024-9920 Unrestricted File Upload and Execution in parisneo/lollms-webui — parisneo/lollms-webuiCWE-434 9.8 -2025-03-20
CVE-2024-9919 Missing Authentication Check in parisneo/lollms-webui — parisneo/lollms-webuiCWE-306 7.5 -2025-03-20
CVE-2024-10047 Directory Listing Vulnerability in parisneo/lollms-webui — parisneo/lollms-webuiCWE-36 5.3 -2025-03-20
CVE-2024-8581 Path Traversal in parisneo/lollms-webui — parisneo/lollms-webuiCWE-22 7.5 -2025-03-20
CVE-2024-5125 XSS and Open Redirect via SVG File Upload in parisneo/lollms-webui — parisneo/lollms-webuiCWE-79 6.1 -2024-11-14
CVE-2024-6673 CSRF Vulnerability in parisneo/lollms-webui — parisneo/lollms-webuiCWE-352 8.1AIHighAI2024-10-29
CVE-2024-6674 Data Leak through CORS Misconfiguration in parisneo/lollms-webui — parisneo/lollms-webuiCWE-346 7.1AIHighAI2024-10-29
CVE-2024-6959 Denial of Service (DOS) in multipart boundary while uploading file in parisneo/lollms-webui — parisneo/lollms-webuiCWE-352 7.5 -2024-10-13
CVE-2024-6394 Local File Inclusion in parisneo/lollms-webui — parisneo/lollms-webuiCWE-29 7.5 -2024-09-30
CVE-2024-4897 Remote Code Execution in parisneo/lollms-webui — parisneo/lollms-webuiCWE-76 9.8AICriticalAI2024-07-02
CVE-2024-5933 Cross-site Scripting (XSS) in parisneo/lollms-webui — parisneo/lollms-webuiCWE-79 6.1AIMediumAI2024-06-27
CVE-2024-6250 Absolute Path Traversal in parisneo/lollms-webui — parisneo/lollms-webuiCWE-36 7.5AIHighAI2024-06-27
CVE-2024-4498 Path Traversal and RFI Vulnerability in parisneo/lollms-webui — parisneo/lollms-webuiCWE-22 7.5AIHighAI2024-06-25
CVE-2024-4839 CSRF in Servers Configurations in parisneo/lollms-webui — parisneo/lollms-webuiCWE-352 8.8AIHighAI2024-06-24
CVE-2024-4841 Path Traversal in parisneo/lollms-webui — parisneo/lollms-webuiCWE-29 7.5 -2024-06-23
CVE-2024-4403 CSRF in restart_program in parisneo/lollms-webui — parisneo/lollms-webuiCWE-352 8.1 -2024-06-10
CVE-2024-4328 CSRF in clear_personality_files_list in parisneo/lollms-webui — parisneo/lollms-webuiCWE-352 8.1 -2024-06-10
CVE-2024-2359 Improper Neutralization of Special Elements used in an OS Command in parisneo/lollms-webui — parisneo/lollms-webuiCWE-78 9.8AICriticalAI2024-06-06
CVE-2024-2360 Path Traversal leading to Remote Code Execution in parisneo/lollms-webui — parisneo/lollms-webuiCWE-29 9.8AICriticalAI2024-06-06
CVE-2024-3322 Path Traversal in parisneo/lollms-webui — parisneo/lollms-webuiCWE-22 9.3AICriticalAI2024-06-06
CVE-2024-1873 Path Traversal and Denial of Service in parisneo/lollms-webui — parisneo/lollms-webuiCWE-22 7.5AIHighAI2024-06-06
CVE-2024-2288 CSRF File Upload Vulnerability in parisneo/lollms-webui — parisneo/lollms-webuiCWE-352 7.1AIHighAI2024-06-06
CVE-2024-4320 Remote Code Execution due to LFI in '/install_extension' in parisneo/lollms-webui — parisneo/lollms-webuiCWE-29 9.8AICriticalAI2024-06-06

This page lists every published CVE security advisory associated with parisneo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.