CVE-2026-28429

Talishar (Flesh and Blood fan project) has a path traversal flaw in the gameName parameter prior to commit 6be3871. ParseGamestate.php can be accessed as a standalone script, allowing directory traversal sequences (e.g., ../) to reach unauthorized files. The issue is mitigated by the patch in com...

Talishar 路径遍历漏洞

Talishar is an open-source game client developed by Talishar. Prior to version 6be3871, there was a path traversal vulnerability in the software. This vulnerability stemmed from the gameName parameter in the ParseGamestate.php component, which allowed for path traversal, potentially leading to...