Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Arbitrary File Write via Archive Extraction (Zip Slip)
Vulnerability Description
This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Vulnerability Type
N/A
Vulnerability Title
calipso 所有 路径遍历漏洞
Vulnerability Description
Calipso是一个简单的 NodeJS 内容管理系统。基于与 Drupal 和 Wordpress 相似的主题构建,旨在快速、灵活和简单。 calipso 所有版本存在安全漏洞,该漏洞源于恶意模块可以通过模块安装功能覆盖任意文件系统上的文件。
CVSS Information
N/A
Vulnerability Type
N/A