| Title | 10Web CMS <=1.0 Unrestricted Upload |
|---|
| Description | The /admin/template/update interface of the JFinalCMS system has any file upload security problems and can obtain server permissions |
|---|
| Source | ⚠️ https://github.com/wave-to/SomeCms/blob/main/JFinalCMS.md |
|---|
| User | wavesky (UID 73979) |
|---|
| Submission | 09/03/2024 14:53 (2 years ago) |
|---|
| Moderation | 09/11/2024 13:41 (8 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 277167 [JFinalCMS up to 20240903 com.cms.controller.admin.TemplateController /admin/template/update fileName path traversal] |
|---|
| Points | 15 |
|---|