Improper Access Control in Jfinal CMS v4.7.1 and previous versions allows remote malicious users to obtain sensitive infromation via the 'getFolder()' function in the component '/modules/filemanager/FileManager.java'.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jflyfox jfinal cms |