| Название | https://gitee.com/veal98/Echo Echo 4.2 Unrestricted Upload of File with Dangerous Type |
|---|
| Описание | Echo framework version 2.4 contains an unauthenticated arbitrary file upload vulnerability in the /discuss/uploadMdPic endpoint. Attackers can upload arbitrary files without any authentication |
|---|
| Источник | ⚠️ https://github.com/caigo8/CVE-md/blob/main/Echo/%E6%9C%AA%E6%8E%88%E6%9D%83%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0.md |
|---|
| Пользователь | Caigo (UID 81287) |
|---|
| Представление | 02.04.2025 17:24 (1 Год назад) |
|---|
| Модерация | 14.04.2025 00:56 (11 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 304607 [veal98 小牛肉 Echo 开源社区系统 4.2 /discuss/uploadMdPic editormd-image-file эскалация привилегий] |
|---|
| Баллы | 16 |
|---|