Unrated severityNVD Advisory· Published Sep 13, 2024· Updated Sep 13, 2024
JFinalCMS edit delete path traversal
CVE-2024-8782
Description
A vulnerability was found in JFinalCMS up to 1.0. It has been rated as critical. This issue affects the function delete of the file /admin/template/edit. The manipulation of the argument name leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- JFinalCMS/JFinalCMSdescription
Patches
Vulnerability mechanics
References
5- github.com/yhy7612/Seccode/blob/main/README1.mdmitreexploit
- vuldb.commitrethird-party-advisory
- gitee.com/heyewei/JFinalcms/issues/IAOSJGmitreissue-tracking
- vuldb.commitresignaturepermissions-required
- vuldb.commitrevdb-entrytechnical-description
News mentions
0No linked articles in our index yet.