| 标题 | aias 20250308 Incomplete Identification of Uploaded File Variables |
|---|
| 描述 | The open source Java AI one-stop solution project "https://github.com/mymagicpower/AIAS" has an arbitrary file upload vulnerability, which allows attackers to upload arbitrary malicious files to any path on the server, resulting in arbitrary code execution. |
|---|
| 来源 | ⚠️ https://github.com/Tr0e/CVE_Hunter/blob/main/AIAS/AIAS_RCE.md |
|---|
| 用户 | Anonymous User |
|---|
| 提交 | 2025-03-27 16時07分 (1 年前) |
|---|
| 管理 | 2025-04-07 13時04分 (11 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 303688 [mymagicpower AIAS 20250308 LocalStorageController.java 文件 权限提升] |
|---|
| 积分 | 17 |
|---|