Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
yeqifu warehouse AppFileUtils.java createResponseEntity path traversal
Vulnerability Description
A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function createResponseEntity of the file warehouse\src\main\java\com\yeqifu\sys\common\AppFileUtils.java. The manipulation of the argument path results in path traversal. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
warehouse 路径遍历漏洞
Vulnerability Description
warehouse是yeqifu个人开发者的一个基于spring boot的中小型仓库物流管理系统。 warehouse存在路径遍历漏洞,该漏洞源于对文件warehousesrcmainjavacomyeqifusyscommonAppFileUtils.java中参数path的错误操作,可能导致路径遍历攻击。
CVSS Information
N/A
Vulnerability Type
N/A