CVE-2021-40639

Improper access control in Jfinal CMS 5.1.0 allows attackers to access sensitive information via /classes/conf/db.properties&config=filemanager.config.js.

Link	Resource
https://github.com/jflyfox/jfinal_cms	Product Third Party Advisory
http://jfinalcms.com	Broken Link
https://github.com/jflyfox/jfinal_cms/issues/27	Exploit Issue Tracking

Configuration 1

cpe:2.3:a:jflyfox:jfinal_cms:5.1.0:*:*:*:*:*:*:*

---

Published : 2021-09-15 10:15

Updated : 2022-07-12 05:42

---

NVD link : CVE-2021-40639

Mitre link : CVE-2021-40639

No products.

CWE-668

CWE-863