CVE-2026-2864 feng_ha_ha/megagao ssm-erp/production_ssm PictureController.java pictureDelete path traversal

A vulnerability has been found in fenghaha/megagao ssm-erp and productionssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. This affects the function pictureDelete of the file PictureController.java. Such manipulation of the argument picName leads to path traversal. The attack can be launched...