Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Path Traversal vulnerability in appRain CMF
Vulnerability Description
A problem has been discovered in appRain CMF 4.0.5. An authenticated Path Traversal vulnerability in /apprain/common/download/ allows remote users to bypass the intended SecurityManager restrictions and download any file if they have adequate permissions outside the document root configured on the server via the base64 path after /download/.
CVSS Information
N/A
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
appRain CMF 路径遍历漏洞
Vulnerability Description
appRain CMF是加拿大appRain公司的一个内容管理框架。 appRain CMF 4.0.5版本存在路径遍历漏洞,该漏洞源于未正确处理base64路径参数,可能导致路径遍历攻击。
CVSS Information
N/A
Vulnerability Type
N/A