CVE

CVE-2021-30048

CVE-2021-30048

Directory Traversal in the fileDownload function in com/java2nb/common/controller/FileController.java in Novel-plus (?????-plus) 3.5.1 allows attackers to read arbitrary files via the filePath parameter.

Source: CVE-2021-30048

Exit mobile version