Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
DbGate allows for File Traversal via file parameter
Vulnerability Description
DbGate is cross-platform database manager. In versions 6.4.3-premium-beta.5 and below, DbGate is vulnerable to a directory traversal flaw. The file parameter is not properly restricted to the intended uploads directory. As a result, the endpoint that lists files within the upload directory can be manipulated to access arbitrary files on the system. By supplying a crafted path to the file parameter, an attacker can read files outside the upload directory, potentially exposing sensitive system-level data. This is fixed in version 6.4.3-beta.8.
CVSS Information
N/A
Vulnerability Type
路径遍历:’..filename’
Vulnerability Title
DbGate 安全漏洞
Vulnerability Description
DbGate是DbGate开源的一个数据库管理器。 DbGate 6.4.3-premium-beta.5及之前版本存在安全漏洞,该漏洞源于文件参数验证不足,可能导致目录遍历。
CVSS Information
N/A
Vulnerability Type
N/A