Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-37474 PoC — Copyparty 路径遍历漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-37474.yaml
Associated Vulnerability
Title:Copyparty 路径遍历漏洞 (CVE-2023-37474)
Description:Copyparty是ed个人开发者的一个便携式文件服务器。 Copyparty 1.8.2之前版本存在路径遍历漏洞,该漏洞源于“.cpr”子文件夹中存在路径遍历漏洞。
Description
Copyparty is a portable file server. Versions prior to 1.8.2 are subject to a path traversal vulnerability detected in the `.cpr` subfolder. The Path Traversal attack technique allows an attacker access to files, directories, and commands that reside outside the web document root directory. This issue has been addressed in commit `043e3c7d` which has been included in release 1.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.
File Snapshot

 id: CVE-2023-37474

info:
  name: Copyparty <= 1.8.2 - Directory Traversal
  author: shankar acharya

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.