CNNVD-202510-1614 Information

CNNVD ID

CNNVD-202510-1614

Related CVE

CVE-2025-11630

• CNNVD Published: 2025-10-12

Description (Chinese)

MxsDoc是Rainy开源的一个基于 Web 的文件管理系统。 MxsDoc 2.02.36及之前版本存在路径遍历漏洞，该漏洞源于对文件/Doc/uploadDoc.do中参数path的错误操作，可能导致路径遍历攻击。

Description (English)

MxsDoc is a web-based document management system from Rainy Open Source. MxDoc 2.02.36 and previous versions have path-to-path loopholes, which stem from the error of the parameter path in file/Doc/uploadDoc.do, which may lead to a path-to-path attack.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

Rainy

Published

2025-10-12

Last Modified

2026-02-24

References

https://github.com/xkalami-Tta0/CVE/blob/main/DocSys/%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0.md https://vuldb.com/?ctiid.328042 https://vuldb.com/?id.328042 https://vuldb.com/?submit.664845

Patch

https://github.com/RainyGao-GitHub/DocSys/releases