Soumettre #480842: JoeyBling bootplus 1.0 any file download availableinformation

TitreJoeyBling bootplus 1.0 any file download available
DescriptionThe download method of src/main/java/io/github/controller/SysFileController.java does not filter the name parameter, resulting in the absolute path of the input file being able to download the file
La source⚠️ https://github.com/JoeyBling/bootplus/issues/25
Utilisateur
 LVZC3 (UID 79687)
Soumission14/01/2025 12:44 (il y a 1 Année)
Modérer24/01/2025 10:46 (10 days later)
StatutAccepté
Entrée VulDB293231 [JoeyBling bootplus SysFileController.java Nom directory traversal]
Points16

Do you know our Splunk app?

Download it now for free!