Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is processed, the application concatenates the requested URL (or a portion of it) directly with a base path using os.path.join. This bypass allows directory traversal or absolute path injection, leading to the potential exposure of sensitive information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cola Dnslog 安全漏洞
Vulnerability Description
Cola Dnslog是AbelChe个人开发者的一个无回显漏洞探测辅助平台。 Cola Dnslog v1.3.2版本存在安全漏洞,该漏洞源于处理TXT记录DNS查询时直接拼接请求URL和基本路径,可能导致目录遍历或绝对路径注入,进而泄露敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A