Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jfinal jfinal vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2020-19154
Improper Access Control in Jfinal CMS v4.7.1 and previous versions allows remote malicious users to obtain sensitive information via the 'FileManager.editFile()' function in the component 'modules/filemanager/FileManagerController.java'.
Jflyfox Jfinal Cms
8.8
CVSSv3
CVE-2020-19155
Improper Access Control in Jfinal CMS v4.7.1 and previous versions allows remote malicious users to obtain sensitive information and/or execute arbitrary code via the 'FileManager.rename()' function in the component 'modules/filemanager/FileManagerController.java...
Jflyfox Jfinal Cms
7.2
CVSSv3
CVE-2022-28505
Jfinal_cms 5.1.0 is vulnerable to SQL Injection via com.jflyfox.system.log.LogController.java.
Jflyfox Jfinal Cms 5.1.0
9.8
CVSSv3
CVE-2023-30349
JFinal CMS v5.1.0 exists to contain a remote code execution (RCE) vulnerability via the ActionEnter function.
Jflyfox Jfinal Cms 5.1.0
5.4
CVSSv3
CVE-2022-33113
Jfinal CMS v5.1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the publish blog module.
Jflyfox Jfinal Cms 5.1.0
7.2
CVSSv3
CVE-2022-33114
Jfinal CMS v5.1.0 exists to contain a SQL injection vulnerability via the attrVal parameter at /jfinal_cms/system/dict/list.
Jflyfox Jfinal Cms 5.1.0
7.2
CVSSv3
CVE-2022-38272
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/article/list.
Jflyfox Jfinal Cms 5.1.0
7.2
CVSSv3
CVE-2022-38274
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/comment/list.
Jflyfox Jfinal Cms 5.1.0
7.2
CVSSv3
CVE-2022-38275
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/contact/list.
Jflyfox Jfinal Cms 5.1.0
7.2
CVSSv3
CVE-2022-38276
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/foldernotice/list.
Jflyfox Jfinal Cms 5.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
remote code execution
CVE-2024-37080
CVE-2024-5182
CVE-2024-4390
CVE-2024-6100
brute force
CVE-2021-47581
file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »