sz-boot-parent sz-boot-parent <= v1.3.2-beta Arbitrary File Uploadالمعلومات

عنوان	feiyuchuixue https://github.com/feiyuchuixue/sz-boot-parent sz-boot-parent <= v1.3.2-beta Arbitrary File Upload
الوصف	The API endpoint `/api/admin/sys-file/upload` contains a critical arbitrary file upload vulnerability with insufficient file type validation and filtering mechanisms in place; this security flaw enables unauthorized actors to upload arbitrary file types—including HTML, EXE and other high-risk file formats—to the target server without any effective restrictions.
المصدر	⚠️ https://github.com/yuccun/CVE/blob/main/sz-boot-parent-Arbitrary_File_Upload.md
المستخدم	yuccun (UID 93614)
ارسال	07/02/2026 07:59 PM (3 أشهر منذ)
الاعتدال	25/02/2026 09:32 AM (18 days later)
الحالة	تمت الموافقة
إدخال VulDB	347745 [feiyuchuixue sz-boot-parent حتى 1.3.2-beta API Endpoint upload تجاوز الصلاحيات]
النقاط	18

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!