cld378632668 JavaMall Unrestricted File Upload Vulnerability in MinioController
Vulnerability
A vulnerability allowing arbitrary file uploads has been identified in cld378632668 JavaMall versions through 994f1e2b019378ec9444cdf3fce2d5b5f72d28f0. The issue resides in the MinioController.java file, specifically within the Upload function. This vulnerability arises because the application fails to validate file extensions and does not prevent directory traversal, enabling attackers to upload any type of file. The vulnerability can be exploited remotely, potentially leading to severe consequences such as unauthorized code execution.
Impact
Exploitation of this vulnerability allows for unrestricted file uploads, which can be used to upload malicious files that may be executed on the server, leading to a compromise of the application or the underlying system.
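One way to close both gaps described above (no extension validation, no directory traversal prevention), shown as an added example that is not JavaMall's own code. The class name UploadNameValidator, the method safeObjectName and the image-only allowlist are assumptions, and the sample filenames in main are constructed.

```java
import java.util.Locale;
import java.util.Set;
import java.util.UUID;

/** Hypothetical helper, not JavaMall code: derives a safe storage name for an upload. */
public final class UploadNameValidator {
    // Assumed allowlist; restrict it to the types the application really needs to store.
    private static final Set<String> ALLOWED_EXTENSIONS = Set.of("jpg", "jpeg", "png", "gif");

    private UploadNameValidator() {}

    /**
     * Returns a server-generated object name that keeps only a validated extension.
     * Throws IllegalArgumentException when the client-supplied name is unacceptable.
     */
    public static String safeObjectName(String clientFilename) {
        if (clientFilename == null || clientFilename.isBlank()) {
            throw new IllegalArgumentException("missing filename");
        }
        // Reject traversal sequences and separators outright instead of trying to clean them.
        if (clientFilename.contains("..") || clientFilename.contains("/")
                || clientFilename.contains("\\") || clientFilename.indexOf('\0') >= 0) {
            throw new IllegalArgumentException("path components are not allowed");
        }
        int dot = clientFilename.lastIndexOf('.');
        if (dot <= 0 || dot == clientFilename.length() - 1) {
            throw new IllegalArgumentException("missing extension");
        }
        // Only the final extension counts, so "a.png.jsp" is judged as "jsp".
        String ext = clientFilename.substring(dot + 1).toLowerCase(Locale.ROOT);
        if (!ALLOWED_EXTENSIONS.contains(ext)) {
            throw new IllegalArgumentException("extension not allowed: " + ext);
        }
        // Never reuse the client's name as the storage key; generate one server-side.
        return UUID.randomUUID() + "." + ext;
    }

    public static void main(String[] args) {
        // Constructed sample names covering the accepted case and each rejection path.
        String[] samples = {"photo.PNG", "../../tmp/x.png", "page.jsp", "a.png.jsp", "noext"};
        for (String name : samples) {
            try {
                System.out.println(name + " -> " + safeObjectName(name));
            } catch (IllegalArgumentException e) {
                System.out.println(name + " -> rejected (" + e.getMessage() + ")");
            }
        }
    }
}
```

An extension check does not verify file content, so it is normally paired with content-type inspection and with storage that never executes uploaded objects.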
