3 matches found
CVE-2024-8782
creationtimestamp| type| source ---|---|--- 2024-09-13 21:18:44+00:00| seen| https://t.me/cvedetector/5634...
CVE-2024-8782
CVE-2024-8782 affects JFinalCMS up to version 1.0. The flaw is in the delete function of /admin/template/edit, where manipulating the name argument enables path traversal and remote deletion of arbitrary files. Multiple sources confirm the issue, with exploitation discussed publicly. Remediation ...
CVE-2024-8782 JFinalCMS edit delete path traversal
A vulnerability was found in JFinalCMS up to 1.0. It has been rated as critical. This issue affects the function delete of the file /admin/template/edit. The manipulation of the argument name leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the publ...