7 matches found
JCMS 2010 file download vulnerability
No description provided by source. Title: JCMS 2010 File Download Vulnerability Date: 2010-11-22 Author: Beach Team: http://www.linux520.com/ Vendor: http://www.hanweb.com/ Language:Java Greetz: Brother Description: In /module/download/downfile.jsp ,filename and pathfile didn't verify user's inpu...
Hanweb JCMS 2010 /down.jsp 任意文件下载漏洞
No description provided by source...
JCMS 2 0 1 0 arbitrary File Download vulnerability-vulnerability warning-the black bar safety net
Publishing author: Beach Affected version: V2010 Official address: http://www.hanweb.com/ Vulnerability type: File Download Vulnerability Description: The JCMS 2 0 1 0 downfile. jsp to download the presence of the vulnerability can be configured to download any files. Description: In...
JCMS 2010 file download vulnerability
Exploit for jsp platform in category web applications ===================================== JCMS 2010 file download vulnerability ===================================== Title: JCMS 2010 File Download Vulnerability Date: 2010-11-22 Author: Beach Team: http://www.linux520.com/ Vendor:...
JCMS 2010任意文件下载漏洞
大汉版通JCMS 2010内容管理系统是基于J2EE构架设计,以全新理念构建的内容管理系统。系统提供了从内容采集、 创建、管理、传递、发布、共享呈送等信息全生命周期过程中所需的各项功能。 在/module/download/downfile.jsp文件中,没有对pathfile和filename参数进行判断,导致可以下载任意 WEB目录下的文件。 JCMS 2010 SEBUG临时解决办法 对pathfile和filename参数进行合理判断。 ———— http://www.hanweb.com/...
JCMS 2010 File Download
Title: JCMS 2010 File Download Vulnerability Date: 2010-11-22 Author: Beach Team: http://www.linux520.com/ Vendor: http://www.hanweb.com/ Language:Java Greetz: Brother Description: In /module/download/downfile.jsp ,filename and pathfile didn't verify user's input So this vulnerability allows an...
JCMS 2010 - File Download
Title: JCMS 2010 File Download Vulnerability Date: 2010-11-22 Author: Beach Team: http://www.linux520.com/ Vendor: http://www.hanweb.com/ Language:Java Greetz: Brother Description: In /module/download/downfile.jsp ,filename and pathfile didn't verify user's input So this vulnerability allows an...