Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2020-19146

Disclosure Date: September 15, 2021 (last updated February 23, 2025)
Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information via the 'TemplatePath' parameter in the component 'jfinal_cms/admin/folder/list'.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0