11 matches found
CVE-2023-49383
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/tag/save...
CVE-2024-12349
A vulnerability was found in JFinalCMS 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/tag/save. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the...
JFinalCMS 安全漏洞
JFinalCMS is a content management system. A cross-site request forgery vulnerability exists in JFinalCMS version 1.0, which stems from the /admin/tag/save file not adequately verifying that a request comes from a trusted user. An attacker can exploit this vulnerability to forge a malicious reques...
PT-2024-17558 · Jfinalcms · Jfinalcms
Name of the Vulnerable Software and Affected Versions: JFinalCMS version 1.0 Description: The issue is related to a cross-site request forgery CSRF vulnerability in the /admin/tag/save file of the JFinalCMS system. This vulnerability can be exploited remotely, allowing an attacker to perform a CS...
CVE-2023-49383
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/tag/save...
CVE-2023-49383
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/tag/save...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/tag/save...
PT-2023-31198 · Jfinalcms · Jfinalcms
Name of the Vulnerable Software and Affected Versions: JFinalCMS version 5.0.0 Description: A Cross-Site Request Forgery CSRF issue was found in JFinalCMS. The issue is related to the /admin/tag/save API endpoint. This allows for potential unauthorized actions on the system. Recommendations: For...
JFinalCMS Security Vulnerability
JFinalCMS is a content management system by heyewei personal developer. A security vulnerability exists in JFinalCMS v5.0.0, which originates from a cross-site request forgery vulnerability in the /admin/tag/save component...
CVE-2018-9924
An issue was discovered in idreamsoft iCMS through 7.0.7. SQL injection exists via the pid array parameter in an admincp.php?app=tag&do=save&frame=iPHP request...
idreamsoft iCMS SQL Injection Vulnerability
idreamsoft iCMS is an open source content management system CMS based on PHP and MySQL. A SQL injection vulnerability exists in idreamsoft iCMS 7.0.7 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands with the 'pid' array parameter in the...