4 matches found
CVE-2020-19151
Command Injection in Jfinal CMS v4.7.1 and earlier allows remote attackers to execute arbitrary code by uploading a malicious HTML template file via the component 'jfinalcms/admin/filemanager/list'...
CVE-2020-19151
creationtimestamp| type| source ---|---|--- 2021-09-15 18:22:26+00:00| seen| https://t.me/cibsecurity/28903...
CVE-2020-19151
Command Injection in Jfinal CMS v4.7.1 and earlier allows remote attackers to execute arbitrary code by uploading a malicious HTML template file via the component 'jfinalcms/admin/filemanager/list'...
CVE-2020-19151
The CVE-2020-19151 entry concerns JFinal CMS (versions 4.7.1 and earlier) with a command injection flaw. The vulnerability arises when an attacker uploads a malicious HTML template file through the component jfinal_cms/admin/filemanager/list , enabling remote code execution. Affected software is ...