Directory Traversal in the fileDownload function in com/java2nb/common/controller/FileController.java in Novel-plus (?????-plus) 3.5.1 allows malicious users to read arbitrary files via the filePath parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
novel boutique house-plus project novel boutique house-plus 3.5.1 |