Submit #380498: elunez eladmin <=v2.7 Path Traversal: 'dir/../../filename'info

Titleelunez eladmin <=v2.7 Path Traversal: 'dir/../../filename'
DescriptionEladmin v2.7 has an arbitrary file upload vulnerability in the Database management and Deployment management. Attackers can construct filenames like ../../file to upload arbitrary files to arbitrary directories or delete arbitrary files in arbitrary directories. Details can be seen in: https://github.com/elunez/eladmin/issues/851
Source⚠️ https://github.com/elunez/eladmin/issues/851
User
 nerowander (UID 72513)
Submission07/26/2024 09:32 (2 years ago)
Moderation08/04/2024 08:10 (9 days later)
StatusAccepted
VulDB entry273551 [elunez eladmin up to 2.7 Database Management/Deployment Management upload File path traversal]
Points18

PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!