Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Jflyfox Subscribe
Filtered by product Jfinal Cms

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-47503 1 Jflyfox 1 Jfinal Cms 2023-12-01 N/A 9.8 CRITICAL
An issue in jflyfox jfinalCMS v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp component in the template management module.
CVE-2022-30500 1 Jflyfox 1 Jfinal Cms 2022-06-03 7.5 HIGH 9.8 CRITICAL
Jfinal cms 5.1.0 is vulnerable to SQL Injection.
CVE-2021-42242 1 Jflyfox 1 Jfinal Cms 2022-05-12 7.5 HIGH 9.8 CRITICAL
A command execution vulnerability exists in jfinal_cms 5.0.1 via com.jflyfox.component.controller.Ueditor.