NocoDB version <= 0.106.1 - Arbitrary File Read CVE-2023-35843 Scanner
There is an arbitrary file read vulnerability in NocoDB version <= 0.106.1, which allow remote attackers to read arbitrary files.
Can be used by
Scan only one
NocoDB version <= 0.106.1 - Arbitrary File Read CVE-2023-35843 Scanner Detail
NocoDB through 0.106.0 (or 0.109.1) has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on the server by manipulating the path parameter of the /download route. This vulnerability could allow an attacker to access sensitive files and data on the server, including configuration files, source code, and other sensitive information.