| Title | zhijiantianya ruoyi-vue-pro 2.4.1 File Path Traversal Front-end |
|---|
| Description | There is a directory traversal vulnerability in the front-end store interface of Ruoyi Vue Pro v2.4.1, specifically in the `/app-api/infra/file/upload`. Hackers can exploit this vulnerability to upload any file to any directory on the server. If it is a Linux server, the SSH private key may be replaced, resulting in the loss of server privileges. |
|---|
| Source | ⚠️ https://github.com/uglory-gll/javasec/blob/main/ruoyi-vue-pro.md |
|---|
| User | uglory (UID 82151) |
|---|
| Submission | 03/09/2025 08:09 (1 Year ago) |
|---|
| Moderation | 03/24/2025 12:23 (15 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 300728 [zhijiantianya ruoyi-vue-pro 2.4.1 Front-End Store Interface upload path path traversal] |
|---|
| Points | 18 |
|---|