CVE-2021-3916
CVE-2021-3916 affects BookStack (bookstackapp/bookstack). The vulnerability is an Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) in the web-facing file handling, enabling access to files under the storage directory via crafted pathnames. The PoC demonstrates traversa...
BookStack Path Traversal Vulnerability
BookStack is an open source platform for building wiki documentation using PHP and Laravel, from the BookStackApp team. A path traversal vulnerability exists in BookStack, which stems from improper restriction of pathnames to restricted directories in the affected product...
Path Traversal in bookstackapp/bookstack
Description While reading the recent BookStack source code 85dc8d, I discovered a path traversal vulnerability. An authenticated user can access all files stored in the storage directory. Proof of Concept GET /uploads/images/..%2f/..%2f/logs/laravel.log HTTP/1.1 Host: 172.17.0.1:8888 User-Agent:...
CVE-2021-3906
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type...
Unrestricted file upload
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type...
CVE-2021-3906
CVE-2021-3906 affects BookStack (bookstackapp/bookstack) via Unrestricted Upload of File with Dangerous Type. The root cause is a validation bypass: trim is applied to single-quoted strings, so an extension like pngr becomes png after trimming, allowing dangerous files to pass validation. This en...
BookStack Code Issue Vulnerability
BookStack is an open source platform for building wiki documents using PHP and Laravel, from the BookStackApp team. A code issue vulnerability exists in BookStack that stems from unrestricted upload of files with dangerous types...
in bookstackapp/bookstack
Description The image extension validation for Base64 image extraction in the new BookStack version is flawed, as it uses the vulnerable trim function. This allows attackers to upload malicious files with a broken extension, such as pngr, and browsers will interpret the broken extension hosted on th...
CVE-2021-3874
bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal'...
Path traversal
bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal'...
CVE-2021-3874
CVE-2021-3874: Path traversal in bookstackapp/bookstack (BookStack) due to improper restriction of restricted-directory pathnames. Impact described in connected sources as exposure of sensitive files via crafted pathnames (e.g., accessing logs/.htaccess) in BookStack export/filesystem operations....
BookStack Path Traversal Vulnerability
BookStack is an open source platform for building wiki documents using PHP and Laravel, from the BookStackApp team. BookStack suffers from a security vulnerability that stems from improper restriction of pathnames to restricted directories. An attacker could...
in bookstackapp/bookstack
Description The dompdf chroot option in Bookstack App is set to basepath, which is the Laravel root folder /var/www/bookstack. An attacker can hence load any image file in the Laravel folder /var/www/bookstack or its subdirectories via PDF exports. Proof of Concept 1: Place an image file in...
in bookstackapp/bookstack
Description BookStack does not use secure Cache-Control headers. Proof of Concept 1: Log in to the application 2: View a shelf 3: Log out 4: Press the back button of the open tab: the previous page of your shelf, with information about its books, is still viewable. Impact This issue is capable of...
BookStack Cross-Site Scripting Vulnerability (CNVD-2021-93902)
BookStack is a platform for storing and organizing information and documents. BookStack suffers from a stored cross-site scripting vulnerability. An attacker could use the vulnerability to obtain administrator cookies, among other things...
BookStack Cross-Site Scripting Vulnerability (CNVD-2021-93901)
BookStack, a platform for storing and organizing information and documents, is vulnerable to a stored cross-site scripting vulnerability. An attacker could use this vulnerability to obtain administrator cookies, among other things...
CVE-2021-3768
bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
CVE-2021-3767
bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...