25 matches found
CVE-2022-31836
The leafInfo.match function in Beego v2.0.3 and below uses path.join to deal with wildcardvalues which can lead to cross directory risk...
Cross site scripting
The leafInfo.match function in Beego v2.0.3 and below uses path.join to deal with wildcardvalues which can lead to cross directory risk...
Beego 路径遍历漏洞
Beego is an open source web framework based on the Go language. A security vulnerability exists in Beego v2.0.3 and earlier versions, which stems from the use of path.join by the leafInfo.match function to handle wildcardValues, which may lead to cross-directory risks...
CVE-2022-31836
The leafInfo.match function in Beego v2.0.3 and below uses path.join to deal with wildcardvalues which can lead to cross directory risk...
Path Traversal
socket.io-file is vulnerable to path traversal. The vulnerability is possible as file upload paths are generated by directly passing unsanitised user-provided name to path.join in the function socket.io-file::createFile through uploadDir and rename options...