CVE-2025-11320 | zhuimengshaonian wisdom-education up to 1.0.4 UploadController.java uploadFile unrestricted upload

A vulnerability was found in zhuimengshaonian wisdom-education up to 1.0.4. It has been declared as critical. Impacted is the function uploadFile of the file src/main/java/com/education/core/controller/UploadController.java. Such manipulation of the argument File leads to unrestricted upload.

This vulnerability is referenced as CVE-2025-11320. It is possible to launch the attack remotely. Furthermore, an exploit is available.VulDB Recent EntriesRead More