An arbitrary file download vulnerability exists in Novel-Plus v4.3.0-RC1 and prior, in com.java2nb.common.controller.FileController: fileDownload(). An attacker can pass specially crafted filePath and fileName parameters to download arbitrary files.
[
{
"cpes": [
"cpe:2.3:a:xxyopen:novel-plus:4.3.0:rc1:*:*:*:*:*:*"
],
"vendor": "xxyopen",
"product": "novel-plus",
"versions": [
{
"status": "affected",
"version": "4.3.0"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:xxyopen:novel-plus:*:*:*:*:*:*:*:*"
],
"vendor": "xxyopen",
"product": "novel-plus",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "4.2.0"
}
],
"defaultStatus": "unknown"
}
]