6 matches found
PT-2025-21570 · Dumb Drop · Dumb Drop
Name of the Vulnerable Software and Affected Versions: DumbDrop versions prior to commit db27b25372eb9071e63583d8faed2111a2b79f1b Description: The issue is related to a DOM cross-site scripting vulnerability in the upload functionality. A user could be tricked into uploading a file with a malicio...
Dumb Drop 安全漏洞
Dumb Drop is an open source application from DumbWare. A security vulnerability exists in Dumb Drop that stems from OS command injection and could allow an attacker to remotely execute arbitrary code...
CVE-2025-24891
Dumb Drop is a file upload application. Users with permission to upload to the service are able to exploit a path traversal vulnerability to overwrite arbitrary system files. As the container runs as root by default, there is no limit to what can be overwritten. With this, it's possible to inject...
CVE-2025-24891 Dumb Drop has an arbitrary file overwrite and path traversal for root shell
Dumb Drop is a file upload application. Users with permission to upload to the service are able to exploit a path traversal vulnerability to overwrite arbitrary system files. As the container runs as root by default, there is no limit to what can be overwritten. With this, it's possible to inject...
CVE-2025-24891 Dumb Drop has an arbitrary file overwrite and path traversal for root shell
Dumb Drop is a file upload application. Users with permission to upload to the service are able to exploit a path traversal vulnerability to overwrite arbitrary system files. As the container runs as root by default, there is no limit to what can be overwritten. With this, it's possible to inject...
Dumb Drop 安全漏洞
Dumb Drop is an open source application from DumbWare. A security vulnerability exists in Dumb Drop that stems from a path traversal issue that allows users with upload privileges to overwrite arbitrary system files, potentially leading to malicious code injection...