Vulnerability Information
Although advanced large language model technology is used, its output may still contain inaccurate or outdated information. Shenlong tries to ensure data accuracy, but please verify against the actual situation before relying on it.
Vulnerability Title
Logged-in users with any role can delete arbitrary files in @saltcorn/server
Vulnerability Description
Saltcorn is an extensible, open source, no-code database application builder. A logged-in user with any role can delete arbitrary files on the filesystem by calling the `sync/clean_sync_dir` endpoint. The `dir_name` POST parameter is not validated/sanitized and is used to construct the `syncDir` that is deleted by calling `fs.rm`. This issue has been addressed in release version 1.0.0-beta16 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)
Vulnerability Title
Saltcorn path traversal vulnerability
Vulnerability Description
Saltcorn is an extensible, open-source, no-code database application builder published by Saltcorn. Saltcorn contains a path traversal vulnerability caused by a POST parameter that is not validated or sanitized.
CVSS Information
N/A
Vulnerability Type
N/A