Directory Traversal in the fileDownload function in com/java2nb/common/controller/FileController.java in Novel-plus (小说精品屋-plus) 3.5.1 allows attackers to read arbitrary files via the filePath parameter.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-04-29T16:21:09
Updated: 2024-08-03T22:24:59.363Z
Reserved: 2021-04-02T00:00:00
Link: CVE-2021-30048
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-04-29T17:15:09.060
Modified: 2023-11-07T03:32:58.160
Link: CVE-2021-30048
Redhat
No data.