yfszzx / stable-diffusion-webui-images-browser

an image browser for stable-diffusion-webui
488 stars 232 forks

Path traversal exploit allowing you to see any image on a PC and move ANY FILE on a PC somewhere else #60

Open | DAMcraft opened 1 year ago

DAMcraft commented 1 year ago

I was testing around and boi, this is not good.

You can basically get all images from any directory by using the "Others" directory. Simply using normal path traversal will not work: [screenshot] That is taken care of, but I first found out that you could send your own fetch request with a page index. Later I found out this can be done simply by clicking on the "First page" button, as it'd take the input in the text field.

So, first, load a normal dir, like "." [screenshot]

Edit the text input to stuff like "../../../../../../projects/.random/example_folder", and hit "First page". [screenshot]

The folder will in fact load! [screenshot] This means you can read any images on another PC!

Now, I can do one better: [screenshot] The "Move to favorites" button moves the image out of the current folder to your favorite image folder. Now, here, there is no check if it is actually an image! Simply modify the request: here, I will move a valuable file called dont_move_me.txt. [screenshot] This allows you to move any file away, basically allowing you to delete any file you want.

Please fix immediately.
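The two defects in the report, a directory string from the text field that is used without being confined to the gallery root and a "Move to favorites" that never checks it is moving an image, as an added defensive example (this is not the extension's own code). Function names, the allowed extension set and the constructed sample tree are assumptions.

```python
import shutil
import tempfile
from pathlib import Path

IMAGE_EXTS = {".png", ".jpg", ".jpeg", ".webp", ".gif"}  # assumption: what counts as an image


def safe_resolve(root: str, requested: str) -> Path:
    """Resolve user-supplied `requested` under `root`; reject anything that escapes it."""
    root_real = Path(root).resolve()
    target = (root_real / requested).resolve()  # collapses ".." and symlinks before the check
    if root_real != target and root_real not in target.parents:
        raise ValueError(f"path escapes allowed root: {requested!r}")
    return target


def list_images(root: str, requested_dir: str) -> list:
    """One page of the browser: only image files, only inside `root`."""
    folder = safe_resolve(root, requested_dir)
    if not folder.is_dir():
        return []
    return sorted(p.name for p in folder.iterdir() if p.is_file() and p.suffix.lower() in IMAGE_EXTS)


def move_to_favorites(root: str, favorites: str, requested_file: str) -> Path:
    """Move only a real image that lives inside `root` (closes the second bug in the report)."""
    src = safe_resolve(root, requested_file)
    if not src.is_file() or src.suffix.lower() not in IMAGE_EXTS:
        raise ValueError(f"not an image inside the gallery root: {requested_file!r}")
    dst_dir = Path(favorites).resolve()
    dst_dir.mkdir(parents=True, exist_ok=True)
    return Path(shutil.move(str(src), str(dst_dir / src.name)))


def demo() -> dict:
    """Constructed sample tree (not real data); returns what each request does."""
    base = Path(tempfile.mkdtemp())
    (base / "outputs" / "txt2img").mkdir(parents=True)
    (base / "outputs" / "txt2img" / "a.png").write_bytes(b"\x89PNG")
    (base / "outputs" / "txt2img" / "notes.txt").write_text("not an image")
    (base / "dont_move_me.txt").write_text("valuable")  # lives outside the gallery root
    root, fav = str(base / "outputs"), str(base / "favorites")
    out = {"listing": list_images(root, "txt2img")}
    for label, call in (("traverse", lambda: list_images(root, "../")),
                        ("move_outside", lambda: move_to_favorites(root, fav, "../dont_move_me.txt")),
                        ("move_txt", lambda: move_to_favorites(root, fav, "txt2img/notes.txt"))):
        try:
            call(); out[label] = "allowed"
        except ValueError:
            out[label] = "rejected"
    out["moved"] = move_to_favorites(root, fav, "txt2img/a.png").name
    out["still_there"] = (base / "dont_move_me.txt").exists()
    return out
```

Validating both the source and the destination against the same root is the point: neither the page-index request nor the move request can then name a file the gallery does not own.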