提交 #619776: yanyutao0402 https://gitee.com/yanyutao0402/ChanCMS <3.1.3 Arbitrary File Deletion信息

标题yanyutao0402 https://gitee.com/yanyutao0402/ChanCMS <3.1.3 Arbitrary File Deletion
描述Arbitrary File Deletion Vulnerability on article/delfile The image deletion function performs no security checks on user-controllable file paths, thus allowing attackers to delete arbitrary system files.
来源⚠️ https://gitee.com/yanyutao0402/ChanCMS/issues/ICLOT8
用户
 ZAST.AI (UID 87884)
提交2025-07-21 14時20分 (11 月前)
管理2025-07-24 17時44分 (3 days later)
状态已接受
VulDB条目317528 [yanyutao0402 ChanCMS 直到 3.1.2 app/extend/utils.js delfile 目录遍历]
积分17

上一步一览下一步

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!