Metrics
Affected Vendors & Products
Wed, 03 Sep 2025 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Viglet
Viglet shio |
|
CPEs | cpe:2.3:a:viglet:shio:*:*:*:*:*:*:*:* | |
Vendors & Products |
Viglet
Viglet shio |
Thu, 31 Jul 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 31 Jul 2025 10:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Openviglet
Openviglet shio |
|
Vendors & Products |
Openviglet
Openviglet shio |
Thu, 31 Jul 2025 01:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability classified as critical has been found in openviglet shio up to 0.3.8. Affected is the function shStaticFileUpload of the file shio-app/src/main/java/com/viglet/shio/api/staticfile/ShStaticFileAPI.java. The manipulation of the argument filename leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |
Title | openviglet shio ShStaticFileAPI.java shStaticFileUpload unrestricted upload | |
Weaknesses | CWE-284 CWE-434 |
|
References |
| |
Metrics |
cvssV2_0
|

Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2025-07-31T14:33:44.225Z
Reserved: 2025-07-30T09:47:56.586Z
Link: CVE-2025-8344

Updated: 2025-07-31T13:39:21.793Z

Status : Analyzed
Published: 2025-07-31T02:15:27.800
Modified: 2025-09-03T14:17:09.327
Link: CVE-2025-8344

No data.

Updated: 2025-07-31T10:09:12Z