2 matches found
EUVD-2025-202704
A security vulnerability has been detected in baowzh hfly up to 638ff9abe9078bc977c132b37acbe1900b63491c. The affected element is an unknown function of the file /admin/index.php/datafile/download. Such manipulation of the argument filename leads to path traversal. The attack may be performed fro...
hfly 路径遍历漏洞
hfly is a travel website by the individual developer baowzh. A path traversal vulnerability exists in hfly, which stems from an incorrect manipulation of the parameter filename in the file /admin/index.php/datafile/download, which could lead to a path traversal attack...