CNNVD-202512-134 Information
Dec 01, 2025
cve
CNNVD ID
CNNVD-202512-134
Related CVE
- CNNVD Published: 2025-12-01
Description (Chinese)
WebStack-Guns是Dana Keeling个人开发者的一个开源的网址导航网站项目,后台基于Guns和Springboot。 WebStack-Guns 1.0版本存在路径遍历漏洞,该漏洞源于文件KaptchaController.java中函数renderPicture的错误操作,可能导致路径遍历。
Description (English)
WebStack-Guns is an open-source web-based navigation project for Dana Keeling’s personal developer, based on Guns and Springboot. WebStack-Guns Version 1.0 has a path-to-path loophole, which stems from the error of the renderPicture function in the KaptchaController.java file, which may lead to a path-to-path pass.
Hazard Level
High
Vulnerability Type
路径遍历
Affected Vendor
个人开发者
Published
2025-12-01
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.333820 https://github.com/Xzzz111/exps/blob/main/archives/WebStack-Guns-PathTraversal-1/report.md#proof-of-concept https://vuldb.com/?submit.692080 https://vuldb.com/?id.333820
Share on: