Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
copyparty: Sharing a single file does not fully restrict access to other files in source folder
Vulnerability Description
Copyparty is a portable file server. In versions prior to 1.19.8, there was a missing permission-check in the shares feature (the `shr` global-option). When a share was created for just one file inside a folder, it was possible to access the other files inside that folder by guessing the filenames. It was not possible to descend into subdirectories in this manner; only the sibling files were accessible. This issue did not affect filekeys or dirkeys. Version 1.19.8 fixes the issue.
CVSS Information
N/A
Vulnerability Type
授权机制缺失
Vulnerability Title
Copyparty 安全漏洞
Vulnerability Description
Copyparty是ed个人开发者的一个便携式文件服务器。 Copyparty 1.19.8之前版本存在安全漏洞,该漏洞源于权限检查缺失,可能导致文件访问越权。
CVSS Information
N/A
Vulnerability Type
N/A