Submeter #754038: feiyuchuixue https://github.com/feiyuchuixue/sz-boot-parent sz-boot-parent <= v1.3.2-beta Arbitrary File Uploadinformação

Títulofeiyuchuixue https://github.com/feiyuchuixue/sz-boot-parent sz-boot-parent <= v1.3.2-beta Arbitrary File Upload
DescriçãoThe API endpoint `/api/admin/sys-file/upload` contains a critical arbitrary file upload vulnerability with insufficient file type validation and filtering mechanisms in place; this security flaw enables unauthorized actors to upload arbitrary file types—including HTML, EXE and other high-risk file formats—to the target server without any effective restrictions.
Fonte⚠️ https://github.com/yuccun/CVE/blob/main/sz-boot-parent-Arbitrary_File_Upload.md
Utilizador
 yuccun (UID 93614)
Submissão07/02/2026 19h59 (há 3 meses)
Moderação25/02/2026 09h32 (18 days later)
EstadoAceite
Entrada VulDB347745 [feiyuchuixue sz-boot-parent até 1.3.2-beta API Endpoint upload Elevação de Privilégios]
Pontos18

VoltarVisão GeralPróximo

Do you need the next level of professionalism?

Upgrade your account now!