CVE-2024-8707

A vulnerability was found in ?????????? Yunke Online School System up to 3.0.6. It has been declared as problematic. This vulnerability affects the function downfile of the file application/admin/controller/Appadmin.php. The manipulation of the argument url leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt