3 matches found
Jtbccms V1.0 'jtbc_cms_admin_manage_delete_filedisp()' function has a file deletion vulnerability
Jtbccms is a website system that can expand and clone existing modules. Jtbccms version 1.0 'jtbccmsadminmanagedeletefiledisp' function has a file deletion vulnerability. Due to receiving filepath variable to do iicstr function for adslashes filtering, the code conversion can be directly deleted ...
File Upload Vulnerability in Jtbccms V1.0
Jtbccms is a website system that can expand and clone existing modules. A file upload vulnerability exists in version 1.0 of jtbccms. Due to the background file management office did not verify the uploaded files, resulting in the upload of arbitrary files, serious server privileges can be obtain...
File Deletion Vulnerability in Jtbccms V1.0
Jtbccms is a website system that can expand and clone existing modules. A file deletion vulnerability exists in Jtbccms version 1.0. Due to the deletion of cache files, get receives the file parameter name failed to receive the file path and file name filtering processing, allowing an attacker to...