Jfinal Cms@5.1.0 Security Vulnerabilities and Issues — Jfinal Cms@5.1.0 CVE List

Lucene search

JflyfoxJfinal Cms5.1.0

2 matches found

CVE•added 2021/09/15 10:15 p.m.•40 views

CVE-2021-40639

Improper access control in Jfinal CMS 5.1.0 allows attackers to access sensitive information via /classes/conf/db.properties&config=filemanager.config.js.

7.5CVSS7.3AI score0.00291EPSS

CVE•added 2021/12/16 7:15 p.m.•37 views

CVE-2021-37262

JFinal_cms 5.1.0 is vulnerable to regex injection that may lead to Denial of Service.

7.5CVSS7.6AI score0.00368EPSS