I have just started my career in infosec. I was trying to learn RCE through malicious file upload. I am against jsp application. Application is accepting the JSP file from image logo by using null byte. but after going to the location of uploaded file I am not getting the exact path. Path is like:
You could check online if there is a documentation regarding uploading files with the application you are testing.
You could also find the location for a valid ID, check the file name and then see it that files is referenced in any other part of the application.