Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Flamingo (aka FlamingoIM) through 2020-09-29 allows ../ directory traversal because the only ostensibly unpredictable part of a file-transfer request is an MD5 computation; however, this computation occurs on the client side, and the computation details can be easily determined because the product's source code is available.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Blizmax Flamingoim 路径遍历漏洞
Vulnerability Description
Blizmax Flamingoim是Blizmax个人开发者的一款高性能、轻量级的开源即时通讯软件。 Blizmax Flamingoim 2020-09-29版本及之前版本存在路径遍历漏洞,该漏洞源于文件传输请求中唯一表面上不可预测的部分是MD5计算;然而,这种计算是在客户端进行的,而且计算细节很容易确定,因为产品的源代码是可用的。
CVSS Information
N/A
Vulnerability Type
N/A