Vulnerabilities > Jfinaloa Project > Jfinaloa > 1.0.2

DATE CVE VULNERABILITY TITLE RISK
2025-01-16 CVE-2024-57769 SQL Injection vulnerability in Jfinaloa Project Jfinaloa
JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the component borrowmoney/listData?applyUser.
network
low complexity
jfinaloa-project CWE-89
8.8
8.8
2025-01-16 CVE-2024-57770 SQL Injection vulnerability in Jfinaloa Project Jfinaloa
JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the component apply/save#oaContractApply.id.
network
low complexity
jfinaloa-project CWE-89
8.8
8.8
2025-01-16 CVE-2024-57775 SQL Injection vulnerability in Jfinaloa Project Jfinaloa
JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the component getWorkFlowHis?insid.
network
low complexity
jfinaloa-project CWE-89
8.8
8.8
2023-02-09 CVE-2023-0758 Unspecified vulnerability in Jfinaloa Project Jfinaloa 1.0.2
A vulnerability was found in glorylion JFinalOA 1.0.2 and classified as critical.
network
low complexity
jfinaloa-project
critical
 9.8
9.8