Rainygao

**Name of the Vulnerable Software and Affected Versions** RainyGao DocSys versions up to 2.02.36 **Description** A flaw exists in the File Upload component of RainyGao DocSys. The `updateRealDoc` function within the `/Doc/uploadDoc.do` file is susceptible to path traversal due to manipulation of the `path` argument. This issue can be exploited remotely. The exploit is publicly available. **Recommendations** Versions prior to 2.02.36 should be updated.