Improper access control in Jfinal CMS 5.1.0 allows attackers to access sensitive information via /classes/conf/db.properties&config=filemanager.config.js.
CPE | Name | Operator | Version |
---|---|---|---|
jfinal_cms | eq | 3.1.1 | |
jfinal_cms | eq | 4.1.2 | |
jfinal_cms | eq | 3.1.0 | |
jfinal_cms | eq | 4.7.0 | |
jfinal_cms | eq | 5.1.0 | |
jfinal_cms | eq | 4.5.0 | |
jfinal_cms | eq | 4.0.0 | |
jfinal_cms | eq | 2.9.2 | |
jfinal_cms | eq | 2.0.0 | |
jfinal_cms | eq | 4.1.5 |