JoeyBling SpringBoot_MyBatisPlus download path traversal

July 12, 2025 invoker category_cve

CVE Details

Basic Information

Title JoeyBling SpringBoot_MyBatisPlus download path traversal
Type cve
Published 2025-07-12T19:32:05.595Z
Modified 2025-07-12T19:32:05.595Z

Product Information

Vendor JoeyBling
Product SpringBoot_MyBatisPlus
Version a6a825513bd688f717dbae3a196bc9c9622fea26

CVSS Information

Base Score 5.3 (MEDIUM)
Attack Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Affected Products

  • JoeyBling SpringBoot_MyBatisPlus a6a825513bd688f717dbae3a196bc9c9622fea26

Additional Information

CWE List CWE-22
Source VulDB

Description

A vulnerability has been found in JoeyBling SpringBoot_MyBatisPlus up to a6a825513bd688f717dbae3a196bc9c9622fea26 and classified as critical. This vulnerability affects the function Download of the file /file/download. The manipulation of the argument Name leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.