| Title | Seeyon Zhiyuan OA Web Application System V8.1 SP2 Path Traversal Vulnerability |
|---|
| Description | 1.Vulnerability Name: Path Traversal Vulnerability of Seeyon Zhiyuan OA Web Application System
2.Vulnerability Submitter and Contributor: 蔡超雄(caichaoxiong)
3.Vulnerability Level: Medium.
4.Affected product version : V8.1 SP2
5.Vulnerability Description:
The M3CoreController component of the Seeyon Zhiyuan OA system V8 SP2 Web Application System does not filter user input, resulting in users being able to traverse the directory through ../ and download zip files in any location. |
|---|
| Source | ⚠️ https://wx.mail.qq.com/s?k=h3jd6HR4UnUJxQZ0RG |
|---|
| User | caichaoxiong (UID 84060) |
|---|
| Submission | 04/25/2025 03:47 (1 Year ago) |
|---|
| Moderation | 05/10/2025 07:33 (15 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 308274 [Seeyon Zhiyuan OA Web Application System 8.1 SP2 ZIP File M3CoreController.class download Name path traversal] |
|---|
| Points | 17 |
|---|