GuoMinJim PersonManage login preHandle path traversal

A vulnerability, which was classified as critical, has been found in GuoMinJim PersonManage 1.0. This issue affects the function preHandle of the file /login/. The manipulation of the argument Request leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

对路径名的限制不恰当(路径遍历)

PersonManage 路径遍历漏洞

PersonManage是jinguomin个人开发者的一个人事管理系统。 PersonManage 1.0版本存在路径遍历漏洞，该漏洞源于对参数Request的错误操作导致路径遍历。

N/A

N/A