Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
aerouk imageserve File viewer.php path traversal
Vulnerability Description
A vulnerability, which was classified as problematic, was found in aerouk imageserve. Affected is an unknown function of the file public/viewer.php of the component File Handler. The manipulation of the argument filelocation leads to path traversal. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is bd23c784f0e5cb12f66d15c100248449f87d72e2. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217056.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
aerouk imageserve 路径遍历漏洞
Vulnerability Description
imageserve是Tom个人开发者的一个自己域的 ShareX 图像托管解决方案。 aerouk imageserve存在路径遍历漏洞,该漏洞源于对参数filelocation的错误操作导致路径遍历。
CVSS Information
N/A
Vulnerability Type
N/A