漏洞描述
WWBN AVideo中存在目录遍历漏洞。该漏洞是由于在unzipDirectory函数中提取zip文件时输入验证不正确造成的。
WWBN AVideo unzipDirectory ZIP 目录遍历漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2022-32770: WWBN AVideo 11.6 - Cross-Site Scripting
- POC CVE-2022-32771: WWBN AVideo 11.6 - Cross-Site Scripting
- POC CVE-2022-32772: WWBN AVideo 11.6 - Cross-Site Scripting
- POC CVE-2023-48728: WWBN AVideo 11.6 - Cross-Site Scripting
- POC avideo-install: AVideo Installer - Detect
- POC avideo-install: AVideo Installer - Detect
- WWBN AVideo image403.php页面错误信息跨站脚本漏洞
- WWBN AVideo charts tab selection XSS漏洞
- WWBN AVideo 11.6跨站脚本漏洞
- WWBN AVideo 11.6跨站脚本漏洞
- WWBN AVideo chunkFile 命令注入漏洞
- WWBN AVideo 11.6跨站脚本漏洞
- CVE-2022-33147 WWBN AVideo 11.6存在SQL注入漏洞