photo_tag 路径遍历漏洞

phototag is a photo tagging tool by the individual developer of Boring YiBa. A security vulnerability exists in phototag version 2020-08-31 and earlier versions, which stems from an incorrect call to Flask's sendfile function that results in absolute path traversal...

CVE-2022-1554 Path Traversal due to `send_file` call in clinical-genomics/scout

Path Traversal due to sendfile call in GitHub repository clinical-genomics/scout prior to 4.52...