Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jfinalcms project jfinalcms 5.0.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-22496
Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0 allows malicious users to run arbitrary code via the /admin/login username parameter.
Jfinalcms Project Jfinalcms 5.0.0
NA
CVE-2024-22497
Cross Site Scripting (XSS) vulnerability in /admin/login password parameter in JFinalcms 5.0.0 allows malicious users to run arbitrary code via crafted URL.
Jfinalcms Project Jfinalcms 5.0.0
NA
CVE-2023-49485
JFinalCMS v5.0.0 exists to contain a cross-site scripting (XSS) vulnerability in the column management department.
Jfinalcms Project Jfinalcms 5.0.0
NA
CVE-2023-49486
JFinalCMS v5.0.0 exists to contain a cross-site scripting (XSS) vulnerability in the model management department.
Jfinalcms Project Jfinalcms 5.0.0
NA
CVE-2023-49487
JFinalCMS v5.0.0 exists to contain a cross-site scripting (XSS) vulnerability in the navigation management department.
Jfinalcms Project Jfinalcms 5.0.0
NA
CVE-2023-49446
JFinalCMS v5.0.0 exists to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/save.
Jfinalcms Project Jfinalcms 5.0.0
NA
CVE-2023-49447
JFinalCMS v5.0.0 exists to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/update.
Jfinalcms Project Jfinalcms 5.0.0
NA
CVE-2023-49373
JFinalCMS v5.0.0 exists to contain a Cross-Site Request Forgery (CSRF) via /admin/slide/delete.
Jfinalcms Project Jfinalcms 5.0.0
NA
CVE-2023-50449
JFinalCMS 5.0.0 could allow a remote malicious user to read files via ../ Directory Traversal in the /common/down/file fileKey parameter.
Jfinalcms Project Jfinalcms 5.0.0
NA
CVE-2023-49374
JFinalCMS v5.0.0 exists to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/update.
Jfinalcms Project Jfinalcms 5.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-38627
CVE-2022-45803
CVE-2024-38319
camera
template injection
CVE-2024-27801
CVE-2024-0762
CVE-2024-5791
unauthorized
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »