提交 #380498: elunez eladmin <=v2.7 Path Traversal: 'dir/../../filename'信息

标题elunez eladmin <=v2.7 Path Traversal: 'dir/../../filename'
描述Eladmin v2.7 has an arbitrary file upload vulnerability in the Database management and Deployment management. Attackers can construct filenames like ../../file to upload arbitrary files to arbitrary directories or delete arbitrary files in arbitrary directories. Details can be seen in: https://github.com/elunez/eladmin/issues/851
来源⚠️ https://github.com/elunez/eladmin/issues/851
用户
 nerowander (UID 72513)
提交2024-07-26 09時32分 (2 年前)
管理2024-08-04 08時10分 (9 days later)
状态已接受
VulDB条目273551 [elunez eladmin 直到 2.7 Database Management/Deployment Management upload 文件 权限提升]
积分18

上一步一览下一步

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!