2025-12-05 00:00:00
mitre
PUBLISHED
The warehouse management system version 1.2 contains an arbitrary file read vulnerability. The endpoint `/file/showImageByPath` does not sanitize user-controlled path parameters. An attacker could exploit directory traversal to read arbitrary files on the servers file system. This could lead to the leakage of sensitive system information.