Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jflyfox vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-29648
A cross-site scripting (XSS) vulnerability in Jfinal CMS v5.1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted X-Forwarded-For request.
Jflyfox Jfinal Cms 5.1.0
9.8
CVSSv3
CVE-2022-30500
Jfinal cms 5.1.0 is vulnerable to SQL Injection.
Jflyfox Jfinal Cms 5.1.0
5.4
CVSSv3
CVE-2023-24747
Jfinal CMS v5.1 exists to contain a cross-site scripting (XSS) vulnerability via the component /system/dict/list.
Jflyfox Jfinal Cms 5.1
9.8
CVSSv3
CVE-2023-47503
An issue in jflyfox jfinalCMS v.5.1.0 allows a remote malicious user to execute arbitrary code via a crafted script to the login.jsp component in the template management module.
Jflyfox Jfinal Cms 5.1.0
9.8
CVSSv3
CVE-2021-42242
A command execution vulnerability exists in jfinal_cms 5.0.1 via com.jflyfox.component.controller.Ueditor.
Jflyfox Jfinal Cms 5.0.1
7.2
CVSSv3
CVE-2022-38273
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/article/list_approve.
Jflyfox Jfinal Cms 5.1.0
7.2
CVSSv3
CVE-2022-38276
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/foldernotice/list.
Jflyfox Jfinal Cms 5.1.0
7.2
CVSSv3
CVE-2022-38277
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/folderrollpicture/list.
Jflyfox Jfinal Cms 5.1.0
7.2
CVSSv3
CVE-2022-38284
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/department/list.
Jflyfox Jfinal Cms 5.1.0
7.2
CVSSv3
CVE-2022-38285
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/menu/list.
Jflyfox Jfinal Cms 5.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »