EUVD-2020-11062

Malware in sbrugna...

CVE-2020-19155

Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information and/or execute arbitrary code via the 'FileManager.rename' function in the component 'modules/filemanager/FileManagerController.java'...

Improper access control

Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information and/or execute arbitrary code via the 'FileManager.rename' function in the component 'modules/filemanager/FileManagerController.java'...

CVE-2020-19155

CVE-2020-19155 affects Jfinal CMS versions 4.7.1 and earlier. The vulnerability resides in the FileManager.rename() function (modules/filemanager/FileManagerController.java) due to improper access control, enabling remote attackers to obtain sensitive information and/or execute arbitrary code. Pu...

CVE-2020-19155

Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information and/or execute arbitrary code via the 'FileManager.rename' function in the component 'modules/filemanager/FileManagerController.java'...

Jfinal CMS 路径遍历漏洞

Jfinal CMS is a powerful information consulting website developed in java, using the JFinal web framework, template engine with beetl, database with mysql, front-end bootstrap framework. jfinal CMS 4.7.1 and earlier versions exist improper access control vulnerabilities. An attacker can use the...

PT-2021-10295 · Jfinalcms · Jfinalcms

Name of the Vulnerable Software and Affected Versions: Jfinal CMS versions 4.7.1 and earlier Description: The issue allows remote attackers to obtain sensitive information and/or execute arbitrary code via the FileManager.rename function in the component...