5 matches found
CVE-2022-39345
Gin-vue-admin pre-2.5.4 is vulnerable to a path-traversal/file-upload flaw. The Unzip routine decompresses uploaded zips without validating contents, enabling Zip Slip-style traversal to overwrite arbitrary files. Affected versions:
CVE-2022-24843 Path Traversal in github.com/flipped-aurora/gin-vue-admin
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stack. Gin-vue-admin 2.50 has arbitrary file read vulnerability due to a lack of parameter validation. This has been resolved in version 2.5.1. There are no known workarounds for th...
CVE-2022-21660 Missing authorization in gin-vue-admin
Gin-vue-admin is a backstage management system based on vue and gin. In versions prior to 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the setUserInfo function. Users are advised to update as soon as possible. There are no known workarounds...
Tangshan Ping Sheng Electronic Technology Development Co., Ltd. website backstage management system has a logic flaw vulnerability
Tangshan Ping Sheng Electronic Technology Development Co., Ltd. business scope includes: electronic products, instruments, electrical equipment, computers, software, automatic control system design, manufacturing, electromechanical equipment, wholesale, retail; technical services and so on...
Panshi China asp the backstage management system upload vulnerability and fix-vulnerability warning-the black bar safety net
By: Red snow Official: http://www.chpanshi.net/ Ver: asp Enterprise version, the background structure is substantially a touch of the same. Large cattle bypass, this no technical content, just speak from experience, guys don't yell at me for. (Thank you Allen upx8 invitation code Nothing else, op...