Submit #619776: yanyutao0402 https://gitee.com/yanyutao0402/ChanCMS <3.1.3 Arbitrary File Deletioninfo

Titelyanyutao0402 https://gitee.com/yanyutao0402/ChanCMS <3.1.3 Arbitrary File Deletion
BeschreibungArbitrary File Deletion Vulnerability on article/delfile The image deletion function performs no security checks on user-controllable file paths, thus allowing attackers to delete arbitrary system files.
Quelle⚠️ https://gitee.com/yanyutao0402/ChanCMS/issues/ICLOT8
Benutzer
 ZAST.AI (UID 87884)
Einreichung21.07.2025 14:20 (vor 11 Monaten)
Moderieren24.07.2025 17:44 (3 days later)
StatusAkzeptiert
VulDB Eintrag317528 [yanyutao0402 ChanCMS bis 3.1.2 app/extend/utils.js delfile Directory Traversal]
Punkte17

ZurückÜbersichtWeiter

Do you know our Splunk app?

Download it now for free!