Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Blinko: Unauthorized Path Traversal File Enumeration - music-metadata
Vulnerability Description
Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, the filePath parameter accepts path traversal sequences, allowing enumeration of file existence on the server via different error responses. This issue has been patched in version 1.8.4.
CVSS Information
N/A
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Blinko 路径遍历漏洞
Vulnerability Description
Blinko是Blinko开源的一款基于人工智能的卡片式笔记应用,专为想要快速捕捉和整理转瞬即逝的灵感的用户而设计。 Blinko 1.8.4之前版本存在路径遍历漏洞,该漏洞源于filePath参数接受路径遍历序列,可能允许通过不同的错误响应枚举服务器上的文件存在性。
CVSS Information
N/A
Vulnerability Type
N/A