CVE-2018-18434

Severity CVSS v4.0:
Pending analysis
Type:
CWE-22 Path Traversal
Publication date:
17/10/2018
Last modified:
17/06/2026

Description

An issue was discovered in litemall 0.9.0. Arbitrary file download is possible via ../ directory traversal in linlinjava/litemall/wx/web/WxStorageController.java in the litemall-wx-api component.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:linlinjava:litemall:0.9.0:*:*:*:*:*:*:*