Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
云课网络科技有限公司 Yunke Online School System Appadmin.php downfile path traversal
Vulnerability Description
A vulnerability was found in 云课网络科技有限公司 Yunke Online School System up to 3.0.6. It has been declared as problematic. This vulnerability affects the function downfile of the file application/admin/controller/Appadmin.php. The manipulation of the argument url leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Yunke Online School System 路径遍历漏洞
Vulnerability Description
Yunke Online School System是中国云课(Yunke)公司的一个在线学校软件。 Yunke Online School System 3.0.6及之前版本存在路径遍历漏洞,该漏洞源于文件application/admin/controller/Appadmin.php的参数url会导致路径遍历。
CVSS Information
N/A
Vulnerability Type
N/A