إرسال #602374: xiaoyunjie openvpn-cms-flask 1.2.7 Arbitrary File Writeالمعلومات

عنوان	xiaoyunjie openvpn-cms-flask 1.2.7 Arbitrary File Write
الوصف	There is an unauthenticated arbitrary file upload vulnerability with path traversal capability exists in the upload_to_local endpoint (app/plugins/oss/app/controller.py), allowing attackers to upload arbitrary file into the server. Details can be found in https://github.com/xiaoyunjie/openvpn-cms-flask/issues/23.
المصدر	⚠️ https://github.com/xiaoyunjie/openvpn-cms-flask/issues/23
المستخدم	Tritium (UID 50779)
ارسال	22/06/2025 04:26 PM (10 أشهر منذ)
الاعتدال	27/06/2025 01:03 PM (5 days later)
الحالة	تمت الموافقة
إدخال VulDB	314092 [xiaoyunjie openvpn-cms-flask حتى 1.2.7 File Upload controller.py upload image اجتياز الدليل]
النقاط	19

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!