NocoDB through 0.106.0 (or 0.109.1)... CVE-2023-35843

- AV AC AU C I A
发布: 2025-04-13
修订: 2025-04-13

NocoDB through 0.106.0 (or 0.109.1) has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on the server by manipulating the path parameter of the /download route. This vulnerability could allow an attacker to access sensitive files and data on the server, including configuration files, source code, and other sensitive information.

0%
暂无可用Exp或PoC
当前有0条受影响产品信息