"EasyRange" may insecurely load executable files

Overview "EasyRange" provided by sira.jp according to the original report submitted by the reporter is a tool to extract compressed files. "EasyRange" contains an issue with the executable file search path when displaying an extracted file on Explorer, which may lead to loading an executable file...

Directory Traversal

github.com/unknwon/cae is vulnerable to directory traversal. The vulnerability exists as the ExtractTo function does not sanitize file paths in zip archives, allowing ../ in file path to be resolved outside the intended extraction folder and potentially allowing arbitrary file write...