Submeter #598365: ageerle https://github.com/ageerle/ruoyi-ai v2.0.0 Unrestricted Uploadinformação

Títuloageerle https://github.com/ageerle/ruoyi-ai v2.0.0 Unrestricted Upload
DescriçãoThe open source project "ageerle/ruoyi-ai" which implements AI chat and painting functions based on ruoyi-plus has an arbitrary file upload vulnerability, which allows attackers to upload any malicious files to any path on the server, resulting in the risk of arbitrary code execution and arbitrary file overwriting on the server.
Fonte⚠️ https://github.com/ageerle/ruoyi-ai/issues/9
Utilizador
 Anonymous User
Submissão17/06/2025 17h03 (há 1 Ano)
Moderação21/06/2025 07h12 (4 days later)
EstadoAceite
Entrada VulDB313574 [ageerle ruoyi-ai 2.0.0 SseServiceImpl.java speechToTextTranscriptionsV2/upload Ficheiro Elevação de Privilégios]
Pontos18

Interested in the pricing of exploits?

See the underground prices here!