从这个网页截图中,可以获取到以下关于漏洞的关键信息: 1. 漏洞编号和名称: - GHSL-2024-297 - GHSL-2024-298 - CVE-2024-49380 - CVE-2024-49381 2. 受影响的项目: - Plenti 3. 受影响的版本: - v0.7.1 4. 问题描述: - Issue 1: Arbitrary File Write in serve.go (GHSL-2024-297) - The endpoint is vulnerable to an arbitrary file write vulnerability when a plenti user serves their website. - Issue 2: Arbitrary File Deletion in serve.go (GHSL-2024-298) - The endpoint is vulnerable to an arbitrary file write deletion when a plenti user serves their website. 5. 影响: - Issue 1 may lead to Remote Code Execution. - Issue 2 may lead to Information Loss. 6. CVE编号: - GHSL-2024-297 - CVE-2024-49380 - GHSL-2024-298 - CVE-2024-49381 7. 报告者: - GHSL team member @Kwstubbs (Kevin Stubbings) 8. 联系方式: - You can contact the GHSL team at securitylab@github.com, please include a reference to GHSL-2024-297 or GHSL-2024-298 in any communication regarding these issues.