Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
aaluoxiang oa_system UserpanelController.java image path traversal
Vulnerability Description
A vulnerability was found in aaluoxiang oa_system up to 5b445a6227b51cee287bd0c7c33ed94b801a82a5. It has been rated as problematic. Affected by this issue is the function image of the file src/main/java/cn/gson/oasys/controller/user/UserpanelController.java. The manipulation leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
oa_system 路径遍历漏洞
Vulnerability Description
oa_system是aaluoxiang个人开发者的一个面向组织的日常运作和管理,员工及管理者使用的应用系统。 aaluoxiang oa_system存在路径遍历漏洞,该漏洞源于对文件src/main/java/cn/gson/oasys/controller/user/UserpanelController.java的错误操作导致路径遍历。
CVSS Information
N/A
Vulnerability Type
N/A