| Title | tarzan-cms 1.0.0 Incomplete Identification of Uploaded File Variables |
|---|
| Description | Address: https://gitee.com/taisan/tarzan-cms
Purpose: The goal is to build a simple and easy-to-use CMS content management system, allowing small and micro enterprises with no technical background to quickly create websites, as well as individuals to build personal blogs and personal brands.
In the latest version of this CMS, there is an arbitrary file upload vulnerability. |
|---|
| Source | ⚠️ https://gitee.com/taisan/tarzan-cms/issues/IBCUPG |
|---|
| User | redpomelo (UID 79353) |
|---|
| Submission | 2024-12-21 14時30分 (3 月前) |
|---|
| Moderation | 2024-12-28 17時42分 (7 days later) |
|---|
| Status | 已接受 |
|---|
| VulDB Entry | 289713 [taisan tarzan-cms 1.0.0 Article Management UploadController.java UploadResponse 文件 权限升级] |
|---|
| Points | 19 |
|---|