2 matches found
CVE-2018-18434
An issue was discovered in litemall 0.9.0. Arbitrary file download is possible via ../ directory traversal in linlinjava/litemall/wx/web/WxStorageController.java in the litemall-wx-api component...
CVE-2018-18434
The CVE-2018-18434 vulnerability affects Litemall 0.9.0 in the litemall-wx-api component, specifically in WxStorageController.java, where a directory traversal (../) enables arbitrary file download. This is a network-accessible issue with a high-severity impact per CVSS (C:H/I:N/A:N) and partial ...