Lucene search
China National Vulnerability DatabaseCNVD-2023-64219HistoryAug 15, 2023 - 12:00 a.m.
ZrLog Directory Traversal Vulnerability
2023-08-1500:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
zrlog
directory traversal
vulnerability
java
admin api
templatecontroller
deletion function
remote attacker
denial of service
cnvd
EPSS
0.003
Percentile
68.9%
ZrLog is a blogging system developed using the Java language. A directory traversal vulnerability exists in ZrLog version 2.1.15, which stems from a lack of validity checking of paths in the admin.api.TemplateController deletion function when processing directory requests, and can be exploited by a remote attacker to delete arbitrary files and cause a denial of service (DoS).
Related
cvelist
cvelist
CVE-2020-27514
2023-08-11 00:00:00
prion
prion
Directory traversal
2023-08-11 14:15:00
nvd
nvd
CVE-2020-27514
2023-08-11 14:15:10
cve
cve
CVE-2020-27514
2023-08-11 14:15:10