提交 #641567: 299Ko 299ko V2.0.0 Delete any file
| 标题 | 299Ko 299ko V2.0.0 Delete any file |
|---|---|
| 描述 | The root of the vulnerability lies within the getSentDir() and delete() method in the plugin/filemanager/controllers/FileManagerAPIController.php file,users can delete any file on the server. |
| 来源 | ⚠️ https:/ |
| 用户 | Yu Bao (UID 88956) |
| 提交 | 2025-08-26 03時56分 (10 月前) |
| 管理 | 2025-09-10 15時37分 (15 days later) |
| 状态 | 已接受 |
| VulDB条目 | 323501 [299ko 直到 2.0.0 FileManagerAPIController.php getSentDir/delete 目录遍历] |
| 积分 | 17 |