Submeter #585885: aaluoxiang https://gitee.com/aaluoxiang/oa_system 20250228 latest version Absolute Path Traversalinformação

Títuloaaluoxiang https://gitee.com/aaluoxiang/oa_system 20250228 latest version Absolute Path Traversal
DescriçãoThe open source OA office automation system [aaluoxiang/oa_system](https://gitee.com/aaluoxiang/oa_system) has another API with an arbitrary file read vulnerability (route is "show/**"), which allows attackers to read files in any path on the server, resulting in sensitive information leakage.
Fonte⚠️ https://github.com/honorseclab/vulns/blob/main/aaluoxiang_oasystem/ArbitaryFileRead02.md
Utilizador
 Anonymous User
Submissão28/05/2025 10h59 (há 1 Ano)
Moderação03/06/2025 18h33 (6 days later)
EstadoAceite
Entrada VulDB310995 [aaluoxiang oa_system até 5b445a6227b51cee287bd0c7c33ed94b801a82a5 ProcedureController.java image Travessia de Diretório]
Pontos18

VoltarVisão GeralPróximo

Interested in the pricing of exploits?

See the underground prices here!