जमा करें #563538: vector4wang spring-boot-quick master branch Path Traversalजानकारी

शीर्षक	vector4wang spring-boot-quick master branch Path Traversal
विवरण	In the subproject quick-img2txt of the spring-boot-quick repository, the endpoint /transfer lacks proper path validation. An attacker can exploit this by crafting path parameters to upload files to arbitrary locations on the system. Project Link: https://github.com/vector4wang/spring-boot-quick Affected Version: master branch Affected API: /transfer Code Location: /spring-boot-quick-master/quick-img2txt/src/main/java/com/quick/controller/Img2TxtController.java:45
स्रोत	⚠️ https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250422-01.md
उपयोगकर्ता	ShenxiuSecurity (UID 84374)
सबमिशन	22/04/2025 10:58 AM (1 वर्ष पहले)
संयम	09/05/2025 04:40 PM (17 days later)
स्थिति	स्वीकृत
VulDB प्रविष्टि	308231 [vector4wang spring-boot-quick तक 20250422 quick-img2txt Img2TxtController.java ResponseEntity निर्देशिका ट्रैवर्सल]
अंक	20

Want to know what is going to be exploited?

We predict KEV entries!