Vulnerabilities > Jfinalcms Project

DATE	CVE	VULNERABILITY TITLE	RISK
2023-12-14	CVE-2023-50102	Cross-site Scripting vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS). network low complexity jfinalcms-project CWE-79	5.4
2023-12-14	CVE-2023-50137	Cross-site Scripting vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) in the site management office. network low complexity jfinalcms-project CWE-79	5.4
2023-12-10	CVE-2023-50449	Path Traversal vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalCMS 5.0.0 could allow a remote attacker to read files via ../ Directory Traversal in the /common/down/file fileKey parameter. network low complexity jfinalcms-project CWE-22	7.5
2023-12-08	CVE-2023-49485	Cross-site Scripting vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the column management department. network low complexity jfinalcms-project CWE-79	5.4
2023-12-08	CVE-2023-49486	Cross-site Scripting vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the model management department. network low complexity jfinalcms-project CWE-79	5.4
2023-12-08	CVE-2023-49487	Cross-site Scripting vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the navigation management department. network low complexity jfinalcms-project CWE-79	5.4
2023-12-05	CVE-2023-49372	Cross-Site Request Forgery (CSRF) vulnerability in Jfinalcms Project Jfinalcms 5.0 JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/save. network low complexity jfinalcms-project CWE-352	8.8
2023-12-05	CVE-2023-49373	Cross-Site Request Forgery (CSRF) vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/slide/delete. network low complexity jfinalcms-project CWE-352	8.8
2023-12-05	CVE-2023-49374	Cross-Site Request Forgery (CSRF) vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/update. network low complexity jfinalcms-project CWE-352	8.8
2023-12-05	CVE-2023-49375	Cross-Site Request Forgery (CSRF) vulnerability in Jfinalcms Project Jfinalcms 5.0.0 JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/friend_link/update. network low complexity jfinalcms-project CWE-352	8.8

Vulnerabilities > Jfinalcms Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Jfinalcms Project"}]}

Vulnerabilities > Jfinalcms Project