| Title | tarzan-cms 1.0.0 Incomplete Identification of Uploaded File Variables |
|---|
| Description | Address: https://gitee.com/taisan/tarzan-cms
Purpose: The goal is to build a simple and easy-to-use CMS content management system, allowing small and micro enterprises with no technical background to quickly create websites, as well as individuals to build personal blogs and personal brands.
In the latest version of this CMS, there is an arbitrary file upload vulnerability. |
|---|
| Source | ⚠️ https://gitee.com/taisan/tarzan-cms/issues/IBCUPG |
|---|
| User | redpomelo (UID 79353) |
|---|
| Submission | 2024年12月21日 14:30 (3 月 ago) |
|---|
| Moderation | 2024年12月28日 17:42 (7 days later) |
|---|
| Status | 承諾済み |
|---|
| VulDB Entry | 289713 [taisan tarzan-cms 1.0.0 Article Management UploadController.java UploadResponse ファイル 特権昇格] |
|---|
| Points | 19 |
|---|