漏洞标题
RainyGao DocSys ZIP File Decompression path traversal
漏洞描述信息
RainyGao DocSys ZIP文件解压缩路径遍历漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
RainyGao DocSys ZIP File Decompression path traversal
漏洞描述信息
A vulnerability classified as critical has been found in RainyGao DocSys 2.02.37. This affects an unknown part of the component ZIP File Decompression Handler. The manipulation leads to path traversal: '../filedir'. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-215271.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
漏洞类别
对路径名的限制不恰当(路径遍历)
漏洞标题
MxsDoc 路径遍历漏洞
漏洞描述信息
MxsDoc是Rainy开源的一个基于 Web 的文件管理系统。 Rainy MxsDoc 2.02.37版本存在安全漏洞。攻击者利用该漏洞访问目录和文件夹。
CVSS信息
N/A
漏洞类别
路径遍历