| Título | zhijiantianya ruoyi-vue-pro 2.4.1 Arbitrary file deletion vulnerability --uploadPermanentMaterial |
|---|
| Descrição | There is an arbitrary file deletion vulnerability caused by directory traversal in the material upload interface of ruoyi-vue-pro v2.4.1, as described in the `/admin-api/mp/material/upload-permanent` section. Hackers can exploit this vulnerability to delete files that can be accessed by the programme. |
|---|
| Fonte | ⚠️ https://github.com/uglory-gll/javasec/blob/main/ruoyi-vue-pro.md |
|---|
| Utilizador | uglory (UID 82151) |
|---|
| Submissão | 13/03/2025 06h04 (há 1 Ano) |
|---|
| Moderação | 24/03/2025 15h44 (11 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 300844 [zhijiantianya ruoyi-vue-pro 2.4.1 Material Upload Interface upload-permanent Ficheiro Travessia de Diretório] |
|---|
| Pontos | 17 |
|---|