Path Traversal via File Paths

User-influenced path segments get concatenated into File/FileInputStream targets without a robust resolved-path-within-base check, so traversal (../) or alternate-path injection can escape the intended directory and open or read unintended files.