WeGIA affected by arbitrary file read via symlink in backup restore

WeGIA is a web manager for charitable institutions. In 3.6.5, The patched loadBackupDB() extracts tar.gz archives to a temporary directory using PHP's PharData class, then uses glob() and file_get_contents() to read SQL files from the extracted contents. Neither the extraction nor the file reading validates whether archive members are symbolic links. This vulnerability is fixed in 3.6.6.

N/A

在文件访问前对链接解析不恰当(链接跟随)

WeGIA 后置链接漏洞

WeGIA是Nilson Lazarin个人开发者的一个福利机构的网络管理器。 WeGIA 3.6.5版本存在后置链接漏洞，该漏洞源于提取和读取归档文件时未验证符号链接，可能导致路径遍历攻击。

N/A

N/A