| Titre | https://github.com/megagao/production_ssm production_ssm v1.0 Arbitrary file deletion |
|---|
| Description | The production_ssm system contains an arbitrary file deletion vulnerability.The /file/delete interface of the roduction_ssm system contains an arbitrary file deletion vulnerability.The system does not filter directory traversal characters when detecting file paths, allowing attackers to traverse paths and delete arbitrary files using the "..\" operator. |
|---|
| La source | ⚠️ https://github.com/megagao/production_ssm/issues/37 |
|---|
| Utilisateur | Jszdk (UID 95030) |
|---|
| Soumission | 09/02/2026 08:58 (il y a 3 mois) |
|---|
| Modérer | 20/02/2026 15:17 (11 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 347102 [feng_ha_ha/megagao ssm-erp/production_ssm FileServiceImpl.java deleteFile directory traversal] |
|---|
| Points | 19 |
|---|