Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Sockso Music Host Server <= 1.5 Path Traversal
Vulnerability Description
Sockso Music Host Server versions <= 1.5 are vulnerable to a path traversal flaw that allows unauthenticated remote attackers to read arbitrary files from the server’s filesystem. The vulnerability exists in the HTTP interface on port 4444, where the endpoint /file/ fails to properly sanitize user-supplied input. Attackers can traverse directories and access sensitive files outside the intended web root.
CVSS Information
N/A
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Sockso Music Host Server 安全漏洞
Vulnerability Description
Sockso Music Host Server是Rhodri Pugh个人开发者的一个音乐流媒体播放器。 Sockso Music Host Server 1.5及之前版本存在安全漏洞,该漏洞源于HTTP接口存在路径遍历漏洞,可能导致读取任意文件。
CVSS Information
N/A
Vulnerability Type
N/A