Vendor: lsgwr
Product: spring-boot-online-exam
Affected versions: v0.9
Type: Directory Traversal
Description
Directory Traversal vulnerability in lsgwr spring boot online exam v.0.9 allows an attacker to execute arbitrary code via the FileTransUtil.java component.
Affected Component
/backend/src/main/java/lsgwr/exam/utils/FileTransUtil.java: saveUploadedFiles
Attack Type
Remote
Attack Type Other
Path Travel
CVE Impact Other
Path Travel
Reference