Directory Traversal vulnerability in Zrlog backup-sql-file.jar v.3.0.31 allows a remote attacker to obtain sensitive information via the BackupController.java file.
{ "vanir_signatures": [ { "id": "CVE-2024-57669-2ff02fea", "signature_type": "Function", "target": { "file": "src/main/java/com/zrlog/plugin/backup/controller/BackupController.java", "function": "downfile" }, "digest": { "function_hash": "192130162443183480699190354888858116123", "length": 383.0 }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/zrlog-extensions/zrlog-plugin-backup-sql-file/commit/32bdb36e6cc4f0b72e1ba85ef4458fb980946ea4" }, { "id": "CVE-2024-57669-b3728521", "signature_type": "Line", "target": { "file": "src/main/java/com/zrlog/plugin/backup/controller/BackupController.java" }, "digest": { "line_hashes": [ "303016340479936427980741962626774559765", "268756422590664105512084414180370165550", "94337005533773590574085903138507254019", "270052608554154511898766539532221133505", "165489269928368585257365929876891878734", "133385441231555184407742339536955993099", "58730557772371324414003881850806435880", "203374881724177662601730508548436101776" ], "threshold": 0.9 }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/zrlog-extensions/zrlog-plugin-backup-sql-file/commit/32bdb36e6cc4f0b72e1ba85ef4458fb980946ea4" } ] }