| tiêu đề | z-9527 admin ≤ commit 72aaf2d Path Traversal: '../filedir' |
|---|
| Mô tả | An unrestricted file upload vulnerability exists in Z-9527 Admin ≤ commit 72aaf2d at the /upload endpoint, where the fileType query parameter is concatenated into the target filesystem path without validation or canonicalization, and the optional isImg check can be bypassed. As a result, authenticated attackers can write arbitrary files to the server filesystem. Mitigations include mapping fileType to a server-side whitelist of directories, canonicalizing and verifying that resolved paths are inside a fixed upload root, rejecting directory-traversal or absolute-path inputs, generating safe server-side filenames, validating content by magic bytes and size, storing uploads outside the webroot, and running the service with least privilege. |
|---|
| Nguồn | ⚠️ https://github.com/CC-T-454455/Vulnerabilities/tree/master/z9527-admin/vulnerability-9 |
|---|
| Người dùng | Anonymous User |
|---|
| Đệ trình | 12/03/2026 03:21 (cách đây 4 các tháng) |
|---|
| Kiểm duyệt | 27/03/2026 14:48 (15 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 353886 [z-9527 admin đến 72aaf2dd05cf4ec2e98f390668b41e128eec5ad2 isImg Check /server/utils/upload.js uploadFile fileType duyệt thư mục] |
|---|
| điểm | 20 |
|---|