Enviar #585884: aaluoxiang https://gitee.com/aaluoxiang/oa_system 20250228 latest version Path Traversalinformación

Títuloaaluoxiang https://gitee.com/aaluoxiang/oa_system 20250228 latest version Path Traversal
DescripciónThe open source OA office automation system [aaluoxiang/oa_system](https://gitee.com/aaluoxiang/oa_system) has an API with an arbitrary file read vulnerability (route is "image/**"), which allows attackers to read files in any path on the server, resulting in sensitive information leakage.
Fuente⚠️ https://github.com/honorseclab/vulns/blob/main/aaluoxiang_oasystem/ArbitaryFileRead01.md
Usuario
 Anonymous User
Sumisión2025-05-28 10:53 (hace 1 Año)
Moderación2025-06-03 18:32 (6 days later)
EstadoAceptado
Entrada de VulDB310994 [aaluoxiang oa_system hasta 5b445a6227b51cee287bd0c7c33ed94b801a82a5 UserpanelController.java image recorrido de directorios]
Puntos18

AnteriorVisión De ConjuntoPróximo

Interested in the pricing of exploits?

See the underground prices here!