Submit #641567: 299Ko 299ko V2.0.0 Delete any fileinfo

Titel	299Ko 299ko V2.0.0 Delete any file
Beschreibung	The root of the vulnerability lies within the getSentDir() and delete() method in the plugin/filemanager/controllers/FileManagerAPIController.php file,users can delete any file on the server.
Quelle	⚠️ https://github.com/August829/Yu/blob/main/58ead8e7e08bfb010.md
Benutzer	Yu Bao (UID 88956)
Einreichung	26.08.2025 03:56 (vor 10 Monaten)
Moderieren	10.09.2025 15:37 (15 days later)
Status	Akzeptiert
VulDB Eintrag	323501 [299ko bis 2.0.0 FileManagerAPIController.php getSentDir/delete Directory Traversal]
Punkte	17

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!