| Title | rmountjoy92 DashMachine 0.5-4 docker ArbitraryFileDeletion |
|---|
| Description | DashMachine is another web application bookmark dashboard, with fun features.
/settings/delete_file接口未对file参数进行过滤,攻击者可在未登录的情况下删除服务器上的任意文件。 |
|---|
| Source | ⚠️ https://treasure-blarney-085.notion.site/DashMachine-Arbitrary-File-Deletion-ab44f2fe68e843c393ae9e0c1d487676 |
|---|
| User | zgbsm (UID 57268) |
|---|
| Submission | 12/13/2023 09:48 (3 years ago) |
|---|
| Moderation | 12/16/2023 20:38 (3 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 248258 [rmountjoy92 DashMachine 0.5-4 /settings/delete_file File path traversal] |
|---|
| Points | 14 |
|---|