Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache fineract vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-11801
SQL injection vulnerability in Apache Fineract prior to 1.3.0 allows malicious users to execute arbitrary SQL commands via a query on a m_center data related table.
Apache Fineract
7.5
CVSSv2
CVE-2018-11800
SQL injection vulnerability in Apache Fineract prior to 1.3.0 allows malicious users to execute arbitrary SQL commands via a query on the GroupSummaryCounts related table.
Apache Fineract
5.8
CVSSv2
CVE-2020-17514
Apache Fineract before 1.5.0 disables HTTPS hostname verification in ProcessorHelper in the configureClient method. Under typical deployments, a man in the middle attack could be successful.
Apache Fineract
6.5
CVSSv2
CVE-2016-4977
When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote code execution via the crafting of the valu...
Pivotal Spring Security Oauth 2.0.4
Pivotal Spring Security Oauth 2.0.3
Pivotal Spring Security Oauth 1.0.2
Pivotal Spring Security Oauth 1.0.4
Pivotal Spring Security Oauth 2.0.6
Pivotal Spring Security Oauth 2.0.5
Pivotal Spring Security Oauth 1.0.3
Pivotal Spring Security Oauth 2.0.9
Pivotal Spring Security Oauth 1.0.1
Pivotal Spring Security Oauth 2.0.0
Pivotal Spring Security Oauth 1.0.5
Pivotal Spring Security Oauth 2.0.2
Pivotal Spring Security Oauth 2.0.8
Pivotal Spring Security Oauth 2.0.7
Pivotal Spring Security Oauth 2.0.1
Pivotal Spring Security Oauth 1.0.0
1 Github repository
NA
CVE-2024-23537
Improper Privilege Management vulnerability in Apache Fineract.This issue affects Apache Fineract: <1.8.5. Users are recommended to upgrade to version 1.9.0, which fixes the issue.
NA
CVE-2024-23538
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Fineract.This issue affects Apache Fineract: <1.8.5. Users are recommended to upgrade to version 1.8.5 or 1.9.0, which fix the issue.
NA
CVE-2024-23539
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Fineract.This issue affects Apache Fineract: <1.8.5. Users are recommended to upgrade to version 1.8.5 or 1.9.0, which fix the issue.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2