CVEs-PoC/2022/CVE-2022-25297.md at b0e96c877abb080d7cf221c036336480ff266ccf

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-06-05 06:38:06 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

This affects the package drogonframework/drogon before 1.7.5. The unsafe handling of file names during upload using HttpFile::save() method may enable attackers to write files to arbitrary locations outside the designated target folder.

POC

Reference

https://snyk.io/vuln/SNYK-UNMANAGED-DROGONFRAMEWORKDROGON-2407243

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/CVEDB/Poc-Git
https://github.com/CVEDB/cve
https://github.com/Kirill89/Kirill89
https://github.com/SkyBelll/CVE-PoC
https://github.com/jaeminLeee/cve
https://github.com/trickest/cve
https://github.com/w3security/PoCVE

1.0 KiB Raw Blame History

CVE-2022-25297

Description

POC

Reference

Github

1.0 KiB

Raw Blame History