Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The czim/file-handling package before 1.5.0 and 2.x before 2.3.0 (used with PHP Composer) does not properly validate URLs within makeFromUrl and makeFromAny, leading to SSRF, and to directory traversal for the reading of local files.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
File Handling and Storage Helper 安全漏洞
Vulnerability Description
File Handling and Storage Helper是Conrad Carpenter个人开发者的一个文件处理和存储助手。 File Handling and Storage Helper 1.5.0之前版本和2.x在2.3.0之前版本存在安全漏洞,该漏洞源于未能正确验证makeFromUrl和makeFromAny内的URL,这可能导致服务器端请求伪造以及本地文件读取时的目录遍历。
CVSS Information
N/A
Vulnerability Type
N/A