| Название | ageerle https://github.com/ageerle/ruoyi-ai v2.0.0 Unrestricted Upload |
|---|
| Описание | The open source project "ageerle/ruoyi-ai" which implements AI chat and painting functions based on ruoyi-plus has an arbitrary file upload vulnerability, which allows attackers to upload any malicious files to any path on the server, resulting in the risk of arbitrary code execution and arbitrary file overwriting on the server. |
|---|
| Источник | ⚠️ https://github.com/ageerle/ruoyi-ai/issues/9 |
|---|
| Пользователь | Anonymous User |
|---|
| Представление | 17.06.2025 17:03 (1 Год назад) |
|---|
| Модерация | 21.06.2025 07:12 (4 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 313574 [ageerle ruoyi-ai 2.0.0 SseServiceImpl.java speechToTextTranscriptionsV2/upload Файл эскалация привилегий] |
|---|
| Баллы | 18 |
|---|