GHSA-JRHG-82W2-VVJ7 Gin-vue-admin has an arbitrary file deletion vulnerability

Impact Attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder The affected code: Affected interfaces: /api/fileUploadAndDownload/removeChunk POC: You can specify the...

CVE-2025-66410

Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder...

CVE-2025-66410 Gin-vue-admin has an arbitrary file deletion vulnerability

Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder...

PT-2025-48577

Name of the Vulnerable Software and Affected Versions Gin-vue-admin versions prior to 2.8.6 Description Gin-vue-admin, a backstage management system based on vue and gin, is affected by a file deletion issue. Attackers can delete any file on the server, potentially causing damage or unavailabilit...

Gin-Vue-Admin 路径遍历漏洞

Gin-Vue-Admin is flipped-aurora open source a full-stack predevelopment infrastructure platform based on Vue and Gin development. A path traversal vulnerability exists in Gin-Vue-Admin version 2.8.6 and earlier, which stems from an attacker being able to control the FileMd5 parameter to delete...