إرسال #598365: ageerle https://github.com/ageerle/ruoyi-ai v2.0.0 Unrestricted Uploadالمعلومات

عنوانageerle https://github.com/ageerle/ruoyi-ai v2.0.0 Unrestricted Upload
الوصفThe open source project "ageerle/ruoyi-ai" which implements AI chat and painting functions based on ruoyi-plus has an arbitrary file upload vulnerability, which allows attackers to upload any malicious files to any path on the server, resulting in the risk of arbitrary code execution and arbitrary file overwriting on the server.
المصدر⚠️ https://github.com/ageerle/ruoyi-ai/issues/9
المستخدم
 Anonymous User
ارسال17/06/2025 05:03 PM (1 سنة منذ)
الاعتدال21/06/2025 07:12 AM (4 days later)
الحالةتمت الموافقة
إدخال VulDB313574 [ageerle ruoyi-ai 2.0.0 SseServiceImpl.java speechToTextTranscriptionsV2/upload ملف تجاوز الصلاحيات]
النقاط18

Interested in the pricing of exploits?

See the underground prices here!