3 matches found
CVE-2021-42967
Unrestricted file upload in /novel-admin/src/main/java/com/java2nb/common/controller/FileController.java in novel-plus all versions allows allows an attacker to upload malicious JSP files...
CVE-2021-42967
Unrestricted file upload in /novel-admin/src/main/java/com/java2nb/common/controller/FileController.java in novel-plus all versions allows allows an attacker to upload malicious JSP files...
CVE-2021-42967
CVE-2021-42967 affects novel-plus; unrestricted file upload in /novel-admin/src/main/java/com/java2nb/common/controller/FileController.java allows uploading JSP files across all versions. Root cause is lack of file upload restrictions, enabling remote attackers to plant hostile JSPs (impact: part...