CVE-2025-11631 | RainyGao DocSys up to 2.02.36 /Doc/deleteDoc.do path path traversal

A vulnerability categorized as critical has been discovered in RainyGao DocSys up to 2.02.36. Affected by this vulnerability is an unknown functionality of the file /Doc/deleteDoc.do. Executing manipulation of the argument path can lead to path traversal.

This vulnerability is tracked as CVE-2025-11631. The attack can be launched remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More