Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache fineract vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2023-25195
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract. Authorized users with limited permissions can gain access to server and may be able to use server for any outbound traffic. This issue affects Apache Fineract: from 1.4 up to and inclu...
Apache Fineract
9.8
CVSSv3
CVE-2018-11800
SQL injection vulnerability in Apache Fineract prior to 1.3.0 allows malicious users to execute arbitrary SQL commands via a query on the GroupSummaryCounts related table.
Apache Fineract
9.8
CVSSv3
CVE-2018-11801
SQL injection vulnerability in Apache Fineract prior to 1.3.0 allows malicious users to execute arbitrary SQL commands via a query on a m_center data related table.
Apache Fineract
8.8
CVSSv3
CVE-2016-4977
When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote code execution via the crafting of the valu...
Pivotal Spring Security Oauth 2.0.4
Pivotal Spring Security Oauth 2.0.3
Pivotal Spring Security Oauth 1.0.2
Pivotal Spring Security Oauth 1.0.4
Pivotal Spring Security Oauth 2.0.6
Pivotal Spring Security Oauth 2.0.5
Pivotal Spring Security Oauth 1.0.3
Pivotal Spring Security Oauth 2.0.9
Pivotal Spring Security Oauth 1.0.1
Pivotal Spring Security Oauth 2.0.0
Pivotal Spring Security Oauth 1.0.5
Pivotal Spring Security Oauth 2.0.2
Pivotal Spring Security Oauth 2.0.8
Pivotal Spring Security Oauth 2.0.7
Pivotal Spring Security Oauth 2.0.1
Pivotal Spring Security Oauth 1.0.0
1 Github repository
NA
CVE-2024-23537
Improper Privilege Management vulnerability in Apache Fineract.This issue affects Apache Fineract: <1.8.5. Users are recommended to upgrade to version 1.9.0, which fixes the issue.
NA
CVE-2024-23539
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Fineract.This issue affects Apache Fineract: <1.8.5. Users are recommended to upgrade to version 1.8.5 or 1.9.0, which fix the issue.
NA
CVE-2024-23538
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Fineract.This issue affects Apache Fineract: <1.8.5. Users are recommended to upgrade to version 1.8.5 or 1.9.0, which fix the issue.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2