Filtered by vendor Nocodb Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-35843 1 Nocodb 1 Nocodb 2024-12-12 7.5 High
NocoDB through 0.106.0 (or 0.109.1) has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on the server by manipulating the path parameter of the /download route. This vulnerability could allow an attacker to access sensitive files and data on the server, including configuration files, source code, and other sensitive information.
CVE-2023-5104 2 Nocodb, Xgenecloud 2 Nocodb, Nocodb 2024-11-21 6.5 Medium
Improper Input Validation in GitHub repository nocodb/nocodb prior to 0.96.0.