Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
cld378632668 JavaMall MinioController.java delete path traversal
Vulnerability Description
A vulnerability was determined in cld378632668 JavaMall up to 994f1e2b019378ec9444cdf3fce2d5b5f72d28f0. Affected is the function delete of the file src/main/java/com/macro/mall/controller/MinioController.java. This manipulation of the argument objectName causes path traversal. The attack can be initiated remotely. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
mall 路径遍历漏洞
Vulnerability Description
mall是macro个人开发者的一套电商系统,包括前台商城系统及后台管理系统。 mall 994f1e2b019378ec9444cdf3fce2d5b5f72d28f0及之前版本存在路径遍历漏洞,该漏洞源于对文件src/main/java/com/macro/mall/controller/MinioController.java中函数delete的参数objectName的错误操作,可能导致路径遍历。
CVSS Information
N/A
Vulnerability Type
N/A