| عنوان | linlinjava litemall <=v1.8.0 Arbitrary File Deletion |
|---|
| الوصف | An arbitrary file deletion vulnerability exists in the Litemall system at the /admin/storage/delete endpoint. Due to insufficient validation of user-provided input, authenticated users with delete permissions can craft requests to remove any file from the server's file system, including critical system files. This vulnerability poses a high risk as it can directly lead to denial of service or further compromise of the system. |
|---|
| المصدر | ⚠️ https://github.com/linlinjava/litemall/issues/564 |
|---|
| المستخدم | ez-lbz (UID 87033) |
|---|
| ارسال | 28/07/2025 03:37 AM (9 أشهر منذ) |
|---|
| الاعتدال | 08/08/2025 03:25 PM (11 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 319250 [linlinjava litemall حتى 1.8.0 File /admin/storage/delete key اجتياز الدليل] |
|---|
| النقاط | 19 |
|---|