Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in Sync In server thru 1.1.1 allowing authenticated attackers to gain read and write access to the system via FilesManager.saveMultipart function in backend/src/applications/files/services/files-manager.service.ts, and FilesManager.compress function in backend/src/applications/files/services/files-manager.service.ts.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sync in 安全漏洞
Vulnerability Description
Sync in是Sync-in开源的一个服务器同步平台。 Sync in 1.1.1及之前版本存在安全漏洞,该漏洞源于FilesManager.saveMultipart和FilesManager.compress函数存在目录遍历问题,可能导致经过身份验证的攻击者获取系统读写权限。
CVSS Information
N/A
Vulnerability Type
N/A