| Title | SSCMS V4.7.0 SSCMS Arbitrary File Deletion |
|---|
| Description | endpoint accepts user-controlled filePaths and does not enforce a secure canonical-path boundary check.
By supplying traversal input (e.g., ../...), an attacker with admin access can target files outside the intended upload scope.
If isLinkToOriginal=false, it deletes the original file path, enabling arbitrary file deletion.
Affected Code |
|---|
| Source | ⚠️ https://www.yuque.com/la12138/pa2fpb/vlyutc51eb7vhwaz?singleDoc |
|---|
| User | Saul1213 (UID 94577) |
|---|
| Submission | 03/07/2026 13:27 (1 month ago) |
|---|
| Moderation | 03/21/2026 16:17 (14 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 352359 [SSCMS 4.7.0 layerImage Endpoint LayerImageController.Submit.cs filePaths path traversal] |
|---|
| Points | 18 |
|---|