PT-2025-14855 · Jfinalcms · Jfinalcms

Name of the Vulnerable Software and Affected Versions: JFinal CMS versions up to 5.2.4 Description: A vulnerability has been found in the function engine.getTemplate of the file /readTemplate, where the manipulation of the template argument leads to path traversal. The attack can be launched...

JFinalCMS 路径遍历漏洞

JFinalCMS is a content management system by heyewei individual developer. A path traversal vulnerability exists in JFinalCMS 5.2.4 and earlier versions, which stems from a path traversal in the readTemplate file...