Vulnerabilities > Jnoj > Jiangnan Online Judge > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-13 | CVE-2019-17538 | Path Traversal vulnerability in Jnoj Jiangnan Online Judge 0.8.0 Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file reading via the web/polygon/problem/viewfile?id=1&name=../ substring. | 7.5 |
| 2019-10-13 | CVE-2019-17537 | Path Traversal vulnerability in Jnoj Jiangnan Online Judge 0.8.0 Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for file deletion via the web/polygon/problem/deletefile?id=1&name=../ substring. | 7.5 |
| 2019-10-10 | CVE-2019-17490 | Unrestricted Upload of File with Dangerous Type vulnerability in Jnoj Jiangnan Online Judge 0.8.0 app\modules\polygon\controllers\ProblemController in Jiangnan Online Judge (aka jnoj) 0.8.0 allows arbitrary file upload, as demonstrated by PHP code (with a .php filename but the image/png content type) to the web/polygon/problem/tests URI. | 8.8 |