Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Blinko: Authenticated Arbitrary File Write - saveAdditionalDevFile
Vulnerability Description
Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an authenticated arbitrary file write vulnerability in saveAdditionalDevFile. This issue has been patched in version 1.8.4.
CVSS Information
N/A
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Blinko 路径遍历漏洞
Vulnerability Description
Blinko是Blinko开源的一款基于人工智能的卡片式笔记应用,专为想要快速捕捉和整理转瞬即逝的灵感的用户而设计。 Blinko 1.8.4之前版本存在路径遍历漏洞,该漏洞源于saveAdditionalDevFile存在经过身份验证的任意文件写入。
CVSS Information
N/A
Vulnerability Type
N/A