CVEDB API

Vulnerabilities

Vulnerable Software

Jfinalcms Project: >> Jfinalcms Security Vulnerabilities

CVE-2023-49447

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/update.

CVSS Score

8.8

EPSS Score

0.003

Published

2023-12-05

CVE-2023-49448

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via admin/nav/delete.

CVSS Score

8.8

EPSS Score

0.003

Published

2023-12-05

CVE-2023-49372

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/save.

CVSS Score

8.8

EPSS Score

0.003

Published

2023-12-05

CVE-2023-49373

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/slide/delete.

CVSS Score

8.8

EPSS Score

0.003

Published

2023-12-05

CVE-2023-49374

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/update.

CVSS Score

8.8

EPSS Score

0.003

Published

2023-12-05

CVE-2023-49375

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/friend_link/update.

CVSS Score

8.8

EPSS Score

0.003

Published

2023-12-05

CVE-2023-49376

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/delete.

CVSS Score

8.8

EPSS Score

0.003

Published

2023-12-05

CVE-2023-41599

An issue in the component /common/DownController.java of JFinalCMS v5.0.0 allows attackers to execute a directory traversal.

CVSS Score

5.3

EPSS Score

0.914

Published

2023-09-19

CVE-2022-27341

JFinalCMS v2.0 was discovered to contain a SQL injection vulnerability via the Article Management function.

CVSS Score

9.8

EPSS Score

0.003

Published

2022-04-22

Page 4

Vulnerabilities

Vulnerable Software

Jfinalcms Project: >> Jfinalcms Security Vulnerabilities

Products

Pricing

Contact Us