| Title | 299Ko 299ko V2.0.0 Delete any file |
|---|
| Description | The root of the vulnerability lies within the getSentDir() and delete() method in the plugin/filemanager/controllers/FileManagerAPIController.php file,users can delete any file on the server. |
|---|
| Source | ⚠️ https://github.com/August829/Yu/blob/main/58ead8e7e08bfb010.md |
|---|
| User | Yu Bao (UID 88956) |
|---|
| Submission | 08/26/2025 03:56 (10 months ago) |
|---|
| Moderation | 09/10/2025 15:37 (15 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 323501 [299ko up to 2.0.0 FileManagerAPIController.php getSentDir/delete path traversal] |
|---|
| Points | 17 |
|---|