| 제목 | https://github.com/megagao/production_ssm production_ssm v1.0 Arbitrary file deletion vulnerability |
|---|
| 설명 | The production_ssm system contains an arbitrary file deletion vulnerability.The /pic/delete interface of the roduction_ssm system contains an arbitrary file deletion vulnerability.The system does not filter directory traversal characters when detecting file paths, allowing attackers to traverse paths and delete arbitrary files using the "..\" operator. |
|---|
| 원천 | ⚠️ https://github.com/megagao/production_ssm/issues/38 |
|---|
| 사용자 | Jszdk (UID 95030) |
|---|
| 제출 | 2026. 02. 09. AM 09:31 (3 개월 ago) |
|---|
| 모더레이션 | 2026. 02. 20. PM 03:17 (11 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 347103 [feng_ha_ha/megagao ssm-erp/production_ssm 까지 4288d53bd35757b27f2d070057aefb2c07bdd097 PictureController.java pictureDelete picName 디렉토리 순회] |
|---|
| 포인트들 | 19 |
|---|