Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
drogatkin TJWS2 WarRoller.java deployWar path traversal
Vulnerability Description
A vulnerability was found in drogatkin TJWS2. It has been declared as critical. Affected by this vulnerability is the function deployWar of the file 1.x/src/rogatkin/web/WarRoller.java. The manipulation leads to path traversal. The attack can be launched remotely. The name of the patch is 1bac15c496ec54efe21ad7fab4e17633778582fc. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216187.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
TJWS 路径遍历漏洞
Vulnerability Description
TJWS是drogatkin个人开发者的一个小型 Java Web 和 App 服务器。 TJWS 存在路径遍历漏洞。攻击者利用该漏洞获取目录文件夹中的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A