jfinalcms_project jfinalcms CVE 漏洞(39)

CVE 數: 39 CPE versions: View versions table

摘要

本頁列出影響 jfinalcms_project jfinalcms 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。

顯示 12039 CVE 數
«« 第一頁 « 上一頁 第 1 / 2 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2024-40322 An issue was discovered in JFinalCMS v.5.0.0. There is a SQL injection vulnerablity via /admin/div_data/data [email protected] 8.8 0.06% 2024-07-16 2024-11-21
CVE-2023-51254 Cross Site Scripting vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the friendship link component. [email protected] 6.1 0.46% 2024-04-29 2025-04-23
CVE-2024-24375 SQL injection vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to obtain sensitive information via /admin/admin name parameter. [email protected] 7.5 0.05% 2024-03-07 2025-04-30
CVE-2024-24029 JFinalCMS 5.0.0 is vulnerable to SQL injection via /admin/content/data. [email protected] 9.8 0.06% 2024-02-02 2025-06-12
CVE-2024-22497 Cross Site Scripting (XSS) vulnerability in /admin/login password parameter in JFinalcms 5.0.0 allows attackers to run arbitrary code via crafted URL. [email protected] 6.1 0.11% 2024-01-23 2025-05-30
CVE-2024-22496 Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0 allows attackers to run arbitrary code via the /admin/login username parameter. [email protected] 6.1 0.11% 2024-01-23 2025-06-05
CVE-2024-22494 A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save mobile parameter, which allows remote attackers to inject arbitrary web script or HTML. [email protected] 5.4 0.05% 2024-01-12 2025-06-03
CVE-2024-22493 A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save content parameter, which allows remote attackers to inject arbitrary web script or HTML. [email protected] 5.4 0.11% 2024-01-12 2024-11-21
CVE-2024-22492 A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetbook/save contact parameter, which allows remote attackers to inject arbitrary web script or HTML. [email protected] 5.4 0.11% 2024-01-12 2025-06-03
CVE-2023-50136 Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0 allows attackers to run arbitrary code via the name field when creating a new custom table. [email protected] 5.4 0.13% 2024-01-09 2025-06-03
CVE-2023-50137 JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) in the site management office. [email protected] 5.4 0.09% 2023-12-14 2024-11-21
CVE-2023-50102 JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS). [email protected] 5.4 0.19% 2023-12-14 2024-11-21
CVE-2023-50101 JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via Label management editing. [email protected] 5.4 0.19% 2023-12-14 2024-11-21
CVE-2023-50100 JFinalcms 5.0.0 is vulnerable to Cross Site Scripting (XSS) via carousel image editing. [email protected] 5.4 0.12% 2023-12-14 2024-11-21
CVE-2023-50449 JFinalCMS 5.0.0 could allow a remote attacker to read files via ../ Directory Traversal in the /common/down/file fileKey parameter. [email protected] 7.5 0.12% 2023-12-10 2024-11-21
CVE-2023-49487 JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the navigation management department. [email protected] 5.4 0.10% 2023-12-08 2024-11-21
CVE-2023-49486 JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the model management department. [email protected] 5.4 0.11% 2023-12-08 2024-11-21
CVE-2023-49485 JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the column management department. [email protected] 5.4 0.10% 2023-12-08 2025-05-27
CVE-2023-49448 JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via admin/nav/delete. [email protected] 8.8 0.27% 2023-12-05 2024-11-21
CVE-2023-49447 JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/update. [email protected] 8.8 0.27% 2023-12-05 2024-11-21
«« 第一頁 « 上一頁 第 1 / 2 頁 下一頁 »
cvelogic Threat Intelligence