Back to search
CVE-2021-30048
Published: Apr 29, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
Directory Traversal in the fileDownload function in com/java2nb/common/controller/FileController.java in Novel-plus (小说精品屋-plus) 3.5.1 allows attackers to read arbitrary files via the filePath parameter.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://www.exploit-db.com/exploits/49724
x_refsource_MISC
https://github.com/201206030/novel-plus/issues/39
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now