Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-1743 PoC — Pichome 路径遍历漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-1743.yaml
Associated Vulnerability
Title:Pichome 路径遍历漏洞 (CVE-2025-1743)
Description:Pichome是zyx0814个人开发者的一款图片与媒体文件管理功能强大的开源网盘程序。 Pichome 2.1.0版本存在路径遍历漏洞,该漏洞源于文件/index.php?mod=textviewer的参数src会导致路径遍历。
Description
A vulnerability, which was classified as critical, was found in zyx0814 Pichome 2.1.0. This affects an unknown part of the file /index.php?mod=textviewer. The manipulation of the argument src leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
File Snapshot

 id: CVE-2025-1743

info:
  name: Pichome 2.1.0 - Arbitrary File Read
  author: 3th1c_yuk1
  severity

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.