提交 #757586: DataLinkDC dinky <=1.2.5 arbitrary file writes信息

标题DataLinkDC dinky <=1.2.5 arbitrary file writes
描述A path traversal vulnerability exists in the Dinky platform's Git project management functionality. Attackers with Git project creation permissions can craft malicious project names containing path traversal sequences (e.g., ../../evil), allowing arbitrary file writes to the server filesystem when projects are created or built.
来源⚠️ https://github.com/AnalogyC0de/public_exp/issues/5
用户
 Ana10gy (UID 93358)
提交2026-02-13 03時28分 (4 月前)
管理2026-02-23 18時50分 (11 days later)
状态已接受
VulDB条目347409 [DataLinkDC dinky 直到 1.2.5 Project Name GitRepository.java getProjectDir projectName 目录遍历]
积分18

上一步一览下一步

Do you want to use VulDB in your project?

Use the official API to access entries easily!