Command Injection in Jfinal CMS v4.7.1 a... CVE-2020-19151

6.5 AV AC AU C I A
发布: 2021-09-15
修订: 2024-11-21

Command Injection in Jfinal CMS v4.7.1 and earlier allows remote attackers to execute arbitrary code by uploading a malicious HTML template file via the component 'jfinal_cms/admin/filemanager/list'.

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有1条受影响产品信息