Dahan version of JCMS2.4 LDAP module file upload vulnerability
Dahan Edition JCMS is a popular content management system in China. A file upload vulnerability exists in Dahan Editon JCMS 2.4 LDAP module, data recovery function. The file /ldap/update/update.jsp does not have any restriction on the uploaded file types and contents. Allows an attacker to exploi...