CNNVD-202509-1479 Information

CNNVD ID

CNNVD-202509-1479

Related CVE

CVE-2025-10232

• CNNVD Published: 2025-09-10

Description (Chinese)

299Ko是299Ko开源的一个简单、快速、轻量级的内容管理系统。 299Ko 2.0.0及之前版本存在路径遍历漏洞，该漏洞源于文件plugin/filemanager/controllers/FileManagerAPIController.php中函数getSentDir/delete的错误操作导致路径遍历。

Description (English)

299 Ko is a simple, fast, lightweight content management system for 299 Ko open source. 299 Ko 2.0 and previous versions have path-to-path loopholes that stem from the error in the file plugin/filemanager/controllers/FileManagerAPIController.php function GetSentDir/delete leading to path-to-path.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

299Ko

Published

2025-09-10

Last Modified

2026-02-24

References

https://github.com/August829/Yu/blob/main/58ead8e7e08bfb010.md https://vuldb.com/?ctiid.323501 https://vuldb.com/?id.323501 https://vuldb.com/?submit.641567