Improper Access Control in Jfinal CMS v4.7.1 and previous versions allows remote malicious users to obtain sensitive information and/or execute arbitrary code via the 'FileManager.rename()' function in the component 'modules/filemanager/FileManagerController.java'.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jflyfox jfinal cms |