Enviar #598365: ageerle https://github.com/ageerle/ruoyi-ai v2.0.0 Unrestricted Uploadinformación

Títuloageerle https://github.com/ageerle/ruoyi-ai v2.0.0 Unrestricted Upload
DescripciónThe open source project "ageerle/ruoyi-ai" which implements AI chat and painting functions based on ruoyi-plus has an arbitrary file upload vulnerability, which allows attackers to upload any malicious files to any path on the server, resulting in the risk of arbitrary code execution and arbitrary file overwriting on the server.
Fuente⚠️ https://github.com/ageerle/ruoyi-ai/issues/9
Usuario
 Anonymous User
Sumisión2025-06-17 17:03 (hace 1 Año)
Moderación2025-06-21 07:12 (4 days later)
EstadoAceptado
Entrada de VulDB313574 [ageerle ruoyi-ai 2.0.0 SseServiceImpl.java speechToTextTranscriptionsV2/upload Archivo escalada de privilegios]
Puntos18

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!