Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
webTareas 2.0.p8 - Arbitrary File Deletion
Vulnerability Description
webTareas 2.0.p8 contains a file deletion vulnerability in the print_layout.php administration component that allows authenticated attackers to delete arbitrary files. Attackers can exploit the vulnerability by manipulating the 'atttmp1' parameter to specify and delete files on the server through an unauthenticated file deletion mechanism.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
文件名或路径的外部可控制
Vulnerability Title
webTareas 安全漏洞
Vulnerability Description
webTareas是luiswang个人开发者的一款基于Web的开源协作工具。该产品支持项目管理、错误跟踪、内容管理和会议管理等功能。 webTareas 2.0.p8版本存在安全漏洞,该漏洞源于print_layout.php管理组件中的atttmp1参数存在文件删除漏洞,可能导致删除服务器上的任意文件。
CVSS Information
N/A
Vulnerability Type
N/A