| عنوان | SSCMS V4.7.0 SSCMS Arbitrary File Deletion |
|---|
| الوصف | endpoint accepts user-controlled filePaths and does not enforce a secure canonical-path boundary check.
By supplying traversal input (e.g., ../...), an attacker with admin access can target files outside the intended upload scope.
If isLinkToOriginal=false, it deletes the original file path, enabling arbitrary file deletion.
Affected Code |
|---|
| المصدر | ⚠️ https://www.yuque.com/la12138/pa2fpb/vlyutc51eb7vhwaz?singleDoc |
|---|
| المستخدم | Saul1213 (UID 94577) |
|---|
| ارسال | 07/03/2026 01:27 PM (1 شهر منذ) |
|---|
| الاعتدال | 21/03/2026 04:17 PM (14 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 352359 [SSCMS 4.7.0 layerImage Endpoint LayerImageController.Submit.cs filePaths اجتياز الدليل] |
|---|
| النقاط | 18 |
|---|