Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jflyfox jfinal cms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-38280
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/image/list.
Jflyfox Jfinal Cms 5.1.0
NA
CVE-2022-38282
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/videoalbum/list.
Jflyfox Jfinal Cms 5.1.0
NA
CVE-2022-38283
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/video/list.
Jflyfox Jfinal Cms 5.1.0
NA
CVE-2022-38284
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/department/list.
Jflyfox Jfinal Cms 5.1.0
NA
CVE-2022-38285
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/menu/list.
Jflyfox Jfinal Cms 5.1.0
3.5
CVSSv2
CVE-2022-27111
Jfinal_CMS 5.1.0 allows malicious users to use the feedback function to send malicious XSS code to the administrator backend and execute it.
Jflyfox Jfinal Cms 5.1.0
NA
CVE-2022-37223
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinal_cms/system/role/list.
Jflyfox Jfinal Cms 5.1.0
NA
CVE-2023-24747
Jfinal CMS v5.1 exists to contain a cross-site scripting (XSS) vulnerability via the component /system/dict/list.
Jflyfox Jfinal Cms 5.1
NA
CVE-2023-22975
A cross-site scripting (XSS) vulnerability in JFinal CMS v5.1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter under /front/person/profile.html.
Jflyfox Jfinal Cms 5.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5