CVE-2020-19151 in Jfinal
Riassunto
di MITRE • 15/09/2021
Command Injection in Jfinal CMS v4.7.1 and earlier allows remote attackers to execute arbitrary code by uploading a malicious HTML template file via the component 'jfinal_cms/admin/filemanager/list'.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.