| Título | aaluoxiang https://gitee.com/aaluoxiang/oa_system 20250228 latest version Path Traversal |
|---|
| Descrição | The open source OA office automation system [aaluoxiang/oa_system](https://gitee.com/aaluoxiang/oa_system) has an API with an arbitrary file read vulnerability (route is "image/**"), which allows attackers to read files in any path on the server, resulting in sensitive information leakage. |
|---|
| Fonte | ⚠️ https://github.com/honorseclab/vulns/blob/main/aaluoxiang_oasystem/ArbitaryFileRead01.md |
|---|
| Utilizador | Anonymous User |
|---|
| Submissão | 28/05/2025 10h53 (há 1 Ano) |
|---|
| Moderação | 03/06/2025 18h32 (6 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 310994 [aaluoxiang oa_system até 5b445a6227b51cee287bd0c7c33ed94b801a82a5 UserpanelController.java image Travessia de Diretório] |
|---|
| Pontos | 18 |
|---|