27 matches found
GHSA-XV7P-JW46-8R85 Cross-site Scripting in JFinalcms
JFinalcms 5.0.0 is vulnerable to Cross Site Scripting XSS in the site management office...
GHSA-R7W2-J96V-VW8M Cross-Site Request Forgery in JFinalCMS via /admin/slide/update
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/slide/update...
JFinalCMS Security Vulnerability
JFinalCMS is a content management system by heyewei individual developer. A security vulnerability exists in JFinalCMS v5.0.0, which originates from a cross-site request forgery vulnerability in the /admin/tag/delete component...
PT-2023-27992 · Jfinalcms · Jfinalcms
Name of the Vulnerable Software and Affected Versions: JFinalCMS version 5.0.0 Description: An issue in the component /common/DownController.java of JFinalCMS allows attackers to execute a directory traversal. Recommendations: For JFinalCMS version 5.0.0, consider restricting access to the...
CVE-2021-39025
IBM Guardium Data Encryption GDE 4.0.0.0 and 5.0.0.0 could disclose internal IP address information when the web backend is down. IBM X-Force 213863...
MyBiz MyProcureNet Arbitrary File Upload Vulnerability
MyBiz MyProcureNet is a procurement process automation solution from MyBiz Solutions Malaysia. A security vulnerability exists in MyBiz MyProcureNet version 5.0.0, which originates from an attacker being able to adjust the 'HiddenFieldControlCustomWhiteListedExtensions' parameter and add arbitrar...
Coupon CMS URL Redirection Vulnerability
Coupon CMS is an open source PHP coupon system. The system supports the setup of chargeable coupons , which can effectively increase the income of the site . A URL redirection vulnerability exists in Coupon CMS version 5.00, as the program fails to adequately filter user-submitted input. A remote...