lingochamp/FileDownloader on GitHub
Multitask、MultiThread(MultiConnection)、Breakpoint-resume、High-concurrency、Simple to use、Single/NotSingle-process
CVE History
CVE | Published | CVSS v2 | CVSS v3 |
---|---|---|---|
CVE-2018-11248 | 9.8 CRITICAL | 7.5 HIGH | |
util/FileDownloadUtils.java in FileDownloader 1.7.3 does not check an attachment's name. If an attacker places "../" in the file name, the file can be stored in an unintended directory because of Directory Traversal. |