JCMS 2 0 1 0 arbitrary File Download vulnerability-vulnerability warning-the black bar safety net

Publishing author: Beach Affected version: V2010 Official address: http://www.hanweb.com/ Vulnerability type: File Download Vulnerability Description: The JCMS 2 0 1 0 downfile. jsp to download the presence of the vulnerability can be configured to download any files. Description: In...

JCMS 2010 - File Download

Title: JCMS 2010 File Download Vulnerability Date: 2010-11-22 Author: Beach Team: http://www.linux520.com/ Vendor: http://www.hanweb.com/ Language:Java Greetz: Brother Description: In /module/download/downfile.jsp ,filename and pathfile didn't verify user's input So this vulnerability allows an...