CVE-2025-46822 PoC — Java-springboot-codebase 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-46822.yaml

Associated Vulnerability

Title:Java-springboot-codebase 安全漏洞 (CVE-2025-46822)
Description:Java-springboot-codebase是osama个人开发者的一个 Java 和 Spring Boot 代码片段、应用程序和项目的集合。 Java-springboot-codebase c835c6f之前版本存在安全漏洞，该漏洞源于路径遍历机制不足，可能导致未授权访问敏感文件。

Description

OsamaTaher/Java-springboot-codebase is a collection of Java and Spring Boot code snippets, applications, and projects. Prior to commit c835c6f7799eacada4c0fc77e0816f250af01ad2, insufficient path traversal mechanisms make absolute path traversal possible. This vulnerability allows unauthorized access to sensitive internal files. Commit c835c6f7799eacada4c0fc77e0816f250af01ad2 contains a patch for the issue.

File Snapshot


 id: CVE-2025-46822

info:
  name: Java-springboot-codebase 1.1 - Arbitrary File Read
  author: halit

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!