Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Zavy86 WikiDocs submit.php image_delete_ajax path traversal
Vulnerability Description
A vulnerability has been found in Zavy86 WikiDocs up to 1.0.77 and classified as critical. Affected by this vulnerability is the function image_drop_upload_ajax/image_delete_ajax of the file submit.php. The manipulation leads to path traversal. The attack can be launched remotely. Upgrading to version 1.0.78 is able to address this issue. The identifier of the patch is 98ea9ee4a2052c4327f89d2f7688cc1b5749450d. It is recommended to upgrade the affected component.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
WikiDocs 安全漏洞
Vulnerability Description
WikiDocs是意大利Manuel Zavatta个人开发者的一个无数据库的 Markdown 平面文件 Wiki 引擎。 WikiDocs 1.0.77及之前版本存在安全漏洞,该漏洞源于文件submit.php中函数image_drop_upload_ajax/image_delete_ajax的错误操作导致路径遍历。
CVSS Information
N/A
Vulnerability Type
N/A