CVE-2023-50449 | JFinalCMS 5.0.0 /common/down/file fileKey path traversal

Inserito da Angelo Barbosa | Dic 11, 2023 | CVE

A vulnerability, which was classified as critical, has been found in JFinalCMS 5.0.0. Affected by this issue is some unknown functionality of the file /common/down/file. The manipulation of the argument fileKey leads to path traversal: ‘../filedir’.

This vulnerability is handled as CVE-2023-50449. The attack may be launched remotely. There is no exploit available.

CVE-2023-50449 | JFinalCMS 5.0.0 /common/down/file fileKey path traversal

Post correlati

CVE-2023-24334 | Tenda AC23 16.03.07.45_cn_TDC01 schedStartTime stack-based overflow

CVE-2023-51651 | AWS AWS SDK PHP prior 3.288.1 path traversal

CVE-2024-4606 | BdThemes Ultimate Store Kit Elementor Addons Plugin up to 1.6.2 on WordPress deserialization

CVE-2024-22548 | FlyCMS 1.0 System Website Settings cross site scripting