VYPR

Go modules package

github.com/flipped-aurora/gin-vue-admin

pkg:golang/github.com/flipped-aurora/gin-vue-admin

Vulnerabilities (3)

  • CVE-2026-22786Jan 12, 2026
    affected <= 2.8.7

    Gin-vue-admin is a backstage management system based on vue and gin. Gin-vue-admin <= v2.8.7 has a path traversal vulnerability in the breakpoint resume upload functionality. Attacker can upload any files on any directory. In the breakpoint_continue.go file, the MakeFile function

  • CVE-2025-66410Dec 1, 2025
    affected < 0.9.1-0.20251201084432-ee8d8d7e04d9fixed 0.9.1-0.20251201084432-ee8d8d7e04d9

    Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.

  • CVE-2022-47762Feb 3, 2023
    affected < 2.5.5fixed 2.5.5

    In gin-vue-admin < 2.5.5, the download module has a Path Traversal vulnerability.