Plusls

**Name of the Vulnerable Software and Affected Versions** OnlineJudge version 2.0 **Description** The issue concerns an incorrect access control vulnerability in the sandbox of OnlineJudge. This vulnerability allows a user to write a file anywhere, including writing a directory listing to /tmp. Furthermore, it enables the leakage of file data through the use of `#include`. **Recommendations** For OnlineJudge version 2.0, consider restricting access to the sandbox functionality to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the `#include` directive in the affected areas to prevent file data leakage.