| Title | code-projects Email Logging Interface 2.0 Path Traversal: '../filedir' |
|---|
| Description | In signup.cpp, the username parameter supplied by the user is used directly to construct a file-system path without any sanitization or validation. An attacker can inject directory-traversal sequences (e.g., ../), causing the application to create folders outside the intended directory. |
|---|
| Source | ⚠️ https://github.com/asd1238525/cve/blob/main/Dir1c.md |
|---|
| User | yunlin (UID 79129) |
|---|
| Submission | 10/30/2025 06:01 (8 months ago) |
|---|
| Moderation | 11/14/2025 17:16 (15 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 332497 [code-projects Email Logging Interface 2.0 signup.cpp Username path traversal] |
|---|
| Points | 18 |
|---|