8 matches found
CVE-2022-38638
Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource...
GHSA-9VM3-R8GQ-CR6X Casdoor arbitrary file write vulnerability
Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource...
CVE-2022-38638
Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource...
CVE-2022-38638
Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource...
CVE-2022-38638
Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource...
Arbitrary file deletion
Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource...
CVE-2022-38638
Casdoor v1.97.3 is affected by an arbitrary file-write vulnerability exploitable via the fullFilePath parameter in /api/upload-resource. The CVE-2022-38638 entry is rated CRITICAL (CVSS 3.1: AV=N, AC=L, PR=N, UI=N, S=U, C=N, I=H, A=H) with network access and no user interaction. Root cause, impac...
Casdoor 路径遍历漏洞
Casdoor is an open source Identity and Access Management IAM / Single Sign-On SSO platform with a Web UI that supports OAuth 2.0 / OIDC and SAML authentication. A security vulnerability exists in Casdoor v1.97.3, which is caused by an arbitrary file write vulnerability via the fullFilePath...