| Title | MuYuCMS 2.7 CWE-22: Improper Limitation of a Pathname to a Restricted Direct |
|---|
| Description | A directory traversal vulnerability exists in MuYuCMS version 2.7 within the accessory management module. The vulnerability is located in the picdel method of Accessory.php, where the 'picdelur' parameter is used to construct file paths for deletion without proper sanitization. |
|---|
| Source | ⚠️ https://gist.github.com/b1uel0n3/48ec32d52e1533df88465c9c834536bb |
|---|
| User | b1uel0n3 (UID 93016) |
|---|
| Submission | 11/27/2025 04:58 (7 months ago) |
|---|
| Moderation | 12/16/2025 14:18 (19 days later) |
|---|
| Status | Duplicate |
|---|
| VulDB entry | 224187 [MuYuCMS 2.2 /accessory/picdel.html denial of service] |
|---|
| Points | 0 |
|---|