You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Enter the background at http://127.0.0.1:8080/admin/login. In System Management → Template → Edit Module, select to edit index.html, add a line of code in the file, and click Update File.
Affected version
≤Jpress v5.1.1
Vendor
https://github.com/JPressProjects/jpress
vulnerability File
jfinal-5.1.9.jar
Description
Enter the background at http://127.0.0.1:8080/admin/login. In System Management → Template → Edit Module, select to edit index.html, add a line of code in the file, and click Update File.
Then visit the homepage, and you can see the content of the local
c:\Windows\win.inifile.Modify the code to
../../WEB-INF/classes/jboot.properties, and we can read the local database configuration file.The text was updated successfully, but these errors were encountered: