Lucene search
K

5 matches found

CVE
CVE
added 2024/09/11 11:31 p.m.66 views

CVE-2024-8706

CVE-2024-8706 affects JFinalCMS up to 20240903, where the function update in com.cms.util.TemplateUtils exposes a path traversal in the fileName argument of /admin/template/update. This allows a remote attacker to exploit the vulnerability, with public exploits reported. The CVSS details indicate...

6.5CVSS4.7AI score0.00749EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2024/09/11 11:31 p.m.25 views

CVE-2024-8706 JFinalCMS com.cms.util.TemplateUtils update path traversal

A vulnerability was found in JFinalCMS up to 20240903. It has been classified as problematic. This affects the function update of the file /admin/template/update of the component com.cms.util.TemplateUtils. The manipulation of the argument fileName leads to path traversal. It is possible to...

5.3CVSS0.00749EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/09/11 12:0 a.m.5 views

JFinalCMS 路径遍历漏洞

JFinalCMS is a content management system by heyewei personal developer. A path traversal vulnerability exists in JFinalCMS version 20240903 and earlier, which stems from the fileName parameter in the file /admin/template/update, which can lead to path traversal...

6.5CVSS4.9AI score0.00749EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/09/11 12:0 a.m.7 views

PT-2024-39181 · Jfinalcms · Jfinalcms

Name of the Vulnerable Software and Affected Versions: JFinalCMS versions up to 20240903 Description: A problematic issue was found in JFinalCMS, affecting the update function of the /admin/template/update component, specifically the com.cms.controller.admin.TemplateController. The manipulation o...

5.1CVSS4.6AI score0.00792EPSS
Exploits1References9
CNNVD
CNNVD
added 2024/09/11 12:0 a.m.5 views

JFinalCMS 路径遍历漏洞

JFinalCMS is a content management system by heyewei personal developer. A path traversal vulnerability exists in JFinalCMS version 20240903 and earlier, which stems from the fileName parameter in the file /admin/template/update, which can lead to path traversal...

5.1CVSS4.8AI score0.00792EPSS
Exploits1References6
Rows per page
Query Builder