Submit #619776: yanyutao0402 https://gitee.com/yanyutao0402/ChanCMS <3.1.3 Arbitrary File Deletioninfo

Titleyanyutao0402 https://gitee.com/yanyutao0402/ChanCMS <3.1.3 Arbitrary File Deletion
DescriptionArbitrary File Deletion Vulnerability on article/delfile The image deletion function performs no security checks on user-controllable file paths, thus allowing attackers to delete arbitrary system files.
Source⚠️ https://gitee.com/yanyutao0402/ChanCMS/issues/ICLOT8
User
 ZAST.AI (UID 87884)
Submission07/21/2025 14:20 (11 months ago)
Moderation07/24/2025 17:44 (3 days later)
StatusAccepted
VulDB entry317528 [yanyutao0402 ChanCMS up to 3.1.2 app/extend/utils.js delfile path traversal]
Points17

PreviousOverviewNext

Want to stay up to date on a daily basis?

Enable the mail alert feature now!