Vulnerabilities > Jfinalcms Project > Jfinalcms > 5.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-05 | CVE-2023-49398 | Cross-Site Request Forgery (CSRF) vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/delete. | 8.8 |
| 2023-12-05 | CVE-2023-49446 | Cross-Site Request Forgery (CSRF) vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/save. | 8.8 |
| 2023-12-05 | CVE-2023-49447 | Cross-Site Request Forgery (CSRF) vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/update. | 8.8 |
| 2023-12-05 | CVE-2023-49448 | Cross-Site Request Forgery (CSRF) vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via admin/nav/delete. | 8.8 |
| 2023-09-19 | CVE-2023-41599 | Path Traversal vulnerability in Jfinalcms Project Jfinalcms 5.0.0 An issue in the component /common/DownController.java of JFinalCMS v5.0.0 allows attackers to execute a directory traversal. | 5.3 |