CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Heyewei: >> Jfinalcms >> 1.0 Security Vulnerabilities

CVE-2024-57665

JFinalCMS 1.0 is vulnerable to SQL Injection in rc/main/java/com/cms/entity/Content.java. The cause of the vulnerability is that the title parameter is controllable and is concatenated directly into filterSql without filtering.

CVSS Score

9.8

EPSS Score

0.001

Published

2025-01-29

Page 1

Vulnerabilities

Vulnerable Software

Heyewei: >> Jfinalcms >> 1.0 Security Vulnerabilities

Products

Pricing

Contact Us