Unrated severityNVD Advisory· Published Mar 20, 2025· Updated Oct 15, 2025
Path Traversal in parisneo/lollms-webui
CVE-2024-8581
Description
A vulnerability in the upload_app function of parisneo/lollms-webui V12 (Strawberry) allows an attacker to delete any file or directory on the system. The function does not implement user input filtering with the filename value, causing a Path Traversal error.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.