14 matches found
EUVD-2023-1242
Malicious code in bioql PyPI...
CVE-2025-7759
Summary: CVE-2025-7759 affects thinkgem JeeSite up to 5.12.0, specifically the UEditor Image Grabber component’s ActionEnter.java. Root cause: Manipulation of the Source argument enables server-side request forgery (SSRF). Impact: Remote exploitation with potential impact on server resources; exp...
GHSA-GH24-C683-79R2 Duplicate Advisory: Arbitrary code execution in jfinal CMS
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-8qhm-ch8h-xgjr. This link is maintained to preserve external references. Original Description Command execution vulnerability in the ActionEnter Class ins jfinal CMS version 5.1.0 allows attackers to execute...
Duplicate Advisory: Arbitrary code execution in jfinal CMS
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-8qhm-ch8h-xgjr. This link is maintained to preserve external references. Original Description Command execution vulnerability in the ActionEnter Class ins jfinal CMS version 5.1.0 allows attackers to execute...
PT-2023-20805 · Jfinalcms · Jfinalcms
Name of the Vulnerable Software and Affected Versions: jfinal CMS version 5.1.0 Description: A command execution issue in the ActionEnter Class of jfinal CMS allows attackers to execute arbitrary code via a created json file to the ueditor route. Recommendations: For jfinal CMS version 5.1.0,...
GHSA-8QHM-CH8H-XGJR Remote code execution in JFinal CMS
JFinal CMS v5.1.0 was discovered to contain a remote code execution RCE vulnerability via the ActionEnter function...
Remote code execution in JFinal CMS
JFinal CMS v5.1.0 was discovered to contain a remote code execution RCE vulnerability via the ActionEnter function...
CVE-2023-30349
JFinal CMS v5.1.0 was discovered to contain a remote code execution RCE vulnerability via the ActionEnter function...
CVE-2023-30349
JFinal CMS v5.1.0 was discovered to contain a remote code execution RCE vulnerability via the ActionEnter function...
Remote code execution
JFinal CMS v5.1.0 was discovered to contain a remote code execution RCE vulnerability via the ActionEnter function...
jfinal cms 安全漏洞
jfinal cms is a java development of powerful information consulting website , using a simple and powerful JFinal as the web framework , template engine with beetl , database with mysql , front-end bootstrap framework . jfinal cms v5.1.0 version of a security vulnerability , the source of the...
CVE-2023-30349
JFinal CMS v5.1.0 was discovered to contain a remote code execution RCE vulnerability via the ActionEnter function...
PT-2023-22645 · Jfinalcms · Jfinalcms
Name of the Vulnerable Software and Affected Versions: JFinal CMS version 5.1.0 Description: The issue is related to a remote code execution RCE vulnerability. It is exploited via the ActionEnter function. Recommendations: For JFinal CMS version 5.1.0, at the moment, there is no information about...
CVE-2023-30349
CVE-2023-30349 affects JFinal CMS v5.1.0; confirmed remote code execution via the ActionEnter function. The vulnerability is described as a high-severity (CVSS v3.1: 9.8) network‑based issue with no authentication required and no user interaction. The provided documents do not specify a fixed ver...