CVE-2018-11248
Published
CVSS v3
N/A
CVSS v2
7.5
HIGH
Affected
1
PROJECT
Description
util/FileDownloadUtils.java in FileDownloader 1.7.3 does not check an attachment's name. If an attacker places "../" in the file name, the file can be stored in an unintended directory because of Directory Traversal.
Multitask、MultiThread(MultiConnection)、Breakpoint-resume、High-concurrency、Simple to use、Single/NotSingle-process
GitHub