CVE-2018-18434

CVE-2018-18434

EPSS 2.4%

An issue was discovered in litemall 0.9.0. Arbitrary file download is possible via ../ directory traversal in linlinjava/litemall/wx/web/WxStorageController.java in the litemall-wx-api component.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/linlinjava/litemall/commit/49ab94d0052672d4fb642505d44b94a18abea332 https://github.com/linlinjava/litemall/issues/76