Raybye/alldata-bug

Unavailable

This project is no longer available (or publicly accessible) from GitHub

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-29434 ↗	Apr 2, 2024Tuesday, 2 April 2024, 22:15	8.3 HIGH	—
An issue in the system image upload interface of Alldata v0.4.6 allows attackers to execute a directory traversal when uploading a file.
CVE-2024-29432 ↗	Apr 2, 2024Tuesday, 2 April 2024, 21:15	9.8 CRITICAL	—
Alldata v0.4.6 was discovered to contain a SQL injection vulnerability via the tablename parameter at /data/masterdata/datas.