JCMS 2010 file download vulnerability

Exploit for jsp platform in category web applications ===================================== JCMS 2010 file download vulnerability ===================================== Title: JCMS 2010 File Download Vulnerability Date: 2010-11-22 Author: Beach Team: http://www.linux520.com/ Vendor:...

JCMS 2010 File Download

Title: JCMS 2010 File Download Vulnerability Date: 2010-11-22 Author: Beach Team: http://www.linux520.com/ Vendor: http://www.hanweb.com/ Language:Java Greetz: Brother Description: In /module/download/downfile.jsp ,filename and pathfile didn't verify user's input So this vulnerability allows an...