RSS   Podatności dla 'Jfinalcms'   RSS

2023-12-08
 
CVE-2023-49485

CWE-79
 

 
JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the column management department.

 
 
CVE-2023-49486

CWE-79
 

 
JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the model management department.

 
 
CVE-2023-49487

CWE-79
 

 
JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the navigation management department.

 
2023-12-10
 
CVE-2023-50449

CWE-22
 

 
JFinalCMS 5.0.0 could allow a remote attacker to read files via ../ Directory Traversal in the /common/down/file fileKey parameter.

 
2022-04-22
 
CVE-2022-27341

CWE-89
 

 
JFinalCMS v2.0 was discovered to contain a SQL injection vulnerability via the Article Management function.

 


Copyright 2024, cxsecurity.com

 

Back to Top