Github.Com Flipped-Aurora Gin-Vue-Admin Server vulnerabilities
2 known vulnerabilities affecting github.com/flipped-aurora_gin-vue-admin_server.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2024-31457HIGH≥ 0, < 0.0.0-20240409100909-b1b7427c6ea62024-04-09
CVE-2024-31457 [HIGH] CWE-22 gin-vue-admin background arbitrary code coverage vulnerability
gin-vue-admin background arbitrary code coverage vulnerability
### Impact
"gin-vue-admin Plugin Template feature, an attacker can perform directory traversal by manipulating the 'plugName' parameter. They can create specific folders such as 'api', 'config', 'global', 'model', 'router', 'service', and 'main.go' function within the specified traversal directory. Moreover, the Go files within these folders
ghsaosv
CVE-2022-39345CRITICAL≥ 0, < 2.5.42022-10-25
CVE-2022-39345 [CRITICAL] CWE-22 Gin-vue-admin subject to Remote Code Execution via file upload vulnerability
Gin-vue-admin subject to Remote Code Execution via file upload vulnerability
### Impact
Gin-vue-admin < 2.5.4 has File upload vulnerabilities。
File upload vulnerabilities are when a web server allows users to upload files to its filesystem without sufficiently validating things like their name, type, contents, or size. Failing to properly enforce restrictions on these could mean that ev
ghsaosv