Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
PwnDoc Arbitrary File Write to RCE using Path Traversal in template update from backup templates.json
Vulnerability Description
PwnDoc is a penetration test reporting application. Prior to version 1.2.0, the backup restore functionality allows an administrator to import raw data into the database, including Path Traversal (`../`) sequences. This is problematic for the template update functionality as it uses the path from the database to write arbitrary content to, potentially overwriting source code to achieve Remote Code Execution. Any user with the `backups:create`, `backups:update` and `templates:update` permissions (only administrators by default) can write arbitrary content to anywhere on the filesystem. By overwriting source code, it is possible to achieve Remote Code Execution. Version 1.2.0 fixes the issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
PwnDoc 路径遍历漏洞
Vulnerability Description
PwnDoc是PwnDoc开源的一个渗透测试报告生成器。 PwnDoc 1.2.0之前版本存在路径遍历漏洞,该漏洞源于备份恢复功能允许导入包含路径遍历的原始数据,可能导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A