| عنوان | https://github.com/megagao/production_ssm production_ssm v1.0 Arbitrary file deletion |
|---|
| الوصف | The production_ssm system contains an arbitrary file deletion vulnerability.The /file/delete interface of the roduction_ssm system contains an arbitrary file deletion vulnerability.The system does not filter directory traversal characters when detecting file paths, allowing attackers to traverse paths and delete arbitrary files using the "..\" operator. |
|---|
| المصدر | ⚠️ https://github.com/megagao/production_ssm/issues/37 |
|---|
| المستخدم | Jszdk (UID 95030) |
|---|
| ارسال | 09/02/2026 08:58 AM (3 أشهر منذ) |
|---|
| الاعتدال | 20/02/2026 03:17 PM (11 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 347102 [feng_ha_ha/megagao ssm-erp/production_ssm حتى 4288d53bd35757b27f2d070057aefb2c07bdd097 FileServiceImpl.java deleteFile اجتياز الدليل] |
|---|
| النقاط | 19 |
|---|