إرسال #747409: https://github.com/guchengwuyue/yshopmall yshopmall V1.9.1 Incomplete Identification of Uploaded File Variablesالمعلومات

عنوانhttps://github.com/guchengwuyue/yshopmall yshopmall V1.9.1 Incomplete Identification of Uploaded File Variables
الوصفFrom function co.yixiang.modules.system.rest.SysUserController#updateAvatar to function co.yixiang.utils.FileUtil#upload. Users can freely upload malicious files such as HTML and JSP, which can lead to XSS or even RCE vulnerabilities. Taint Propagation: SysUserController.updateAvatar() Line 205: @RequestParam MultipartFile file ↓ Line 206: userService.updateAvatar(file) ↓ SysUserServiceImpl.updateAvatar() Line 185: FileUtil.upload(multipartFile, avatar) ↓ FileUtil.upload() Line 163: File dest = new File(path).getCanonicalFile() ↓ Line 169: file.transferTo(dest)
المصدر⚠️ https://github.com/guchengwuyue/yshopmall/issues/40
المستخدم
 mukyuuhate (UID 93052)
ارسال27/01/2026 02:18 PM (3 أشهر منذ)
الاعتدال07/02/2026 08:50 AM (11 days later)
الحالةتمت الموافقة
إدخال VulDB344848 [guchengwuyue yshopmall حتى 1.9.1 co.yixiang.utils.FileUtil /api/users/updateAvatar ملف تجاوز الصلاحيات]
النقاط20

التالي نظرة عامة السابق

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!