Vulnerabilities > Jfinalcms Project

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-02	CVE-2024-24029	SQL Injection vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalCMS 5.0.0 is vulnerable to SQL injection via /admin/content/data. network low complexity jfinalcms-project CWE-89 critical	9.8
2024-01-23	CVE-2024-22497	Cross-site Scripting vulnerability in Jfinalcms Project Jfinalcms 5.0.0 Cross Site Scripting (XSS) vulnerability in /admin/login password parameter in JFinalcms 5.0.0 allows attackers to run arbitrary code via crafted URL. network low complexity jfinalcms-project CWE-79	6.1
2024-01-23	CVE-2024-22496	Cross-site Scripting vulnerability in Jfinalcms Project Jfinalcms 5.0.0 Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0 allows attackers to run arbitrary code via the /admin/login username parameter. network low complexity jfinalcms-project CWE-79	6.1
2024-01-12	CVE-2024-22492	Cross-site Scripting vulnerability in Jfinalcms Project Jfinalcms 5.0.0 A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save contact parameter, which allows remote attackers to inject arbitrary web script or HTML. network low complexity jfinalcms-project CWE-79	5.4
2024-01-12	CVE-2024-22493	Cross-site Scripting vulnerability in Jfinalcms Project Jfinalcms 5.0.0 A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save content parameter, which allows remote attackers to inject arbitrary web script or HTML. network low complexity jfinalcms-project CWE-79	5.4
2024-01-12	CVE-2024-22494	Cross-site Scripting vulnerability in Jfinalcms Project Jfinalcms 5.0.0 A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save mobile parameter, which allows remote attackers to inject arbitrary web script or HTML. network low complexity jfinalcms-project CWE-79	5.4
2024-01-09	CVE-2023-50136	Cross-site Scripting vulnerability in Jfinalcms Project Jfinalcms 5.0.0 Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0 allows attackers to run arbitrary code via the name field when creating a new custom table. network low complexity jfinalcms-project CWE-79	5.4
2023-12-14	CVE-2023-50100	Cross-site Scripting vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via carousel image editing. network low complexity jfinalcms-project CWE-79	5.4
2023-12-14	CVE-2023-50101	Cross-site Scripting vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via Label management editing. network low complexity jfinalcms-project CWE-79	5.4
2023-12-14	CVE-2023-50102	Cross-site Scripting vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS). network low complexity jfinalcms-project CWE-79	5.4

Vulnerabilities > Jfinalcms Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Jfinalcms Project"}]}

Vulnerabilities > Jfinalcms Project