dst-admin Code Injection Vulnerability

dst-admin is a web program written in Java by qinming99, an individual developer. A security vulnerability exists in dst-admin v1.5.0, which is caused by a Remote Command Execution RCE vulnerability in the parameter userId of the component /home/playerOperate...