Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jflyfox jfinal cms 5.1.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-40639
Improper access control in Jfinal CMS 5.1.0 allows malicious users to access sensitive information via /classes/conf/db.properties&config=filemanager.config.js.
Jflyfox Jfinal Cms 5.1.0
NA
CVE-2022-34928
JFinal CMS v5.1.0 exists to contain a SQL injection vulnerability via /system/user.
Jflyfox Jfinal Cms 5.1.0
3.5
CVSSv2
CVE-2022-29648
A cross-site scripting (XSS) vulnerability in Jfinal CMS v5.1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted X-Forwarded-For request.
Jflyfox Jfinal Cms 5.1.0
7.5
CVSSv2
CVE-2022-30500
Jfinal cms 5.1.0 is vulnerable to SQL Injection.
Jflyfox Jfinal Cms 5.1.0
NA
CVE-2023-47503
An issue in jflyfox jfinalCMS v.5.1.0 allows a remote malicious user to execute arbitrary code via a crafted script to the login.jsp component in the template management module.
Jflyfox Jfinal Cms 5.1.0
NA
CVE-2022-38273
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/article/list_approve.
Jflyfox Jfinal Cms 5.1.0
NA
CVE-2022-38276
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/foldernotice/list.
Jflyfox Jfinal Cms 5.1.0
NA
CVE-2022-38277
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/folderrollpicture/list.
Jflyfox Jfinal Cms 5.1.0
NA
CVE-2022-38284
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/department/list.
Jflyfox Jfinal Cms 5.1.0
NA
CVE-2022-38285
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/menu/list.
Jflyfox Jfinal Cms 5.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »