CVE-2023-49395

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/category/update...

PT-2023-31201 · Jfinalcms · Jfinalcms

Name of the Vulnerable Software and Affected Versions: JFinalCMS version 5.0.0 Description: A Cross-Site Request Forgery CSRF issue was discovered in JFinalCMS. The vulnerability can be exploited via the /admin/category/update API endpoint. Recommendations: For JFinalCMS version 5.0.0, as a...

JFinalCMS Security Vulnerability

JFinalCMS is a content management system developed by heyewei. A security vulnerability exists in JFinalCMS v5.0.0, which originates from a cross-site request forgery vulnerability in the /admin/category/update component...

DouCo DouPHP Cross-Site Scripting Vulnerability (CNVD-2019-01002)

DouCo DouPHP is a lightweight open source CMS Content Management System based on PHP and MySQL. A cross-site scripting vulnerability exists in admin/productcategory.php?rec=update in DouCo DouPHP version 1.5 20181221. A remote attacker can exploit this vulnerability to inject arbitrary web script...

DouCo DouPHP Cross-Site Scripting Vulnerability (CNVD-2019-01000)

DouCo DouPHP is a lightweight open source CMS Content Management System based on PHP and MySQL. A cross-site scripting vulnerability exists in admin/articlecategory.php?rec=update in DouCo DouPHP version 1.5 20181221. A remote attacker can exploit this vulnerability to inject arbitrary web script...