Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Jfinalcms
(Jfinalcms_project)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 37 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-04-22 | CVE-2022-27341 | JFinalCMS v2.0 was discovered to contain a SQL injection vulnerability via the Article Management function. | Jfinalcms | 9.8 | ||
2023-09-19 | CVE-2023-41599 | An issue in the component /common/DownController.java of JFinalCMS v5.0.0 allows attackers to execute a directory traversal. | Jfinalcms | 5.3 | ||
2023-12-05 | CVE-2023-49372 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/save. | Jfinalcms | 8.8 | ||
2023-12-05 | CVE-2023-49374 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/update. | Jfinalcms | 8.8 | ||
2023-12-05 | CVE-2023-49373 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/slide/delete. | Jfinalcms | 8.8 | ||
2023-12-05 | CVE-2023-49375 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/friend_link/update. | Jfinalcms | 8.8 | ||
2023-12-05 | CVE-2023-49376 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/delete. | Jfinalcms | 8.8 | ||
2023-12-05 | CVE-2023-49377 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/update. | Jfinalcms | 8.8 | ||
2023-12-05 | CVE-2023-49378 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/form/save. | Jfinalcms | 8.8 | ||
2023-12-05 | CVE-2023-49379 | JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /admin/friend_link/save. | Jfinalcms | 8.8 |