CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23 matches found

RedhatCVE•added 2026/01/09 12:36 p.m.•2 views

CVE-2023-49373

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF via /admin/slide/delete...

8.8CVSS7.3AI score0.00268EPSS

Exploits1References1

OSV•added 2025/07/13 1:15 a.m.•4 views

CVE-2025-7509

A vulnerability, which was classified as critical, was found in code-projects Modern Bag 1.0. This affects an unknown part of the file /admin/slide.php. The manipulation of the argument idSlide leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed ...

9.8CVSS5.7AI score0.00277EPSS

Exploits1References5

CNNVD•added 2025/07/13 12:0 a.m.•2 views

Code-Projects Modern Bag 注入漏洞

Code-Projects Modern Bag is an online management system from Code-Projects open source. An injection vulnerability exists in Code-Projects Modern Bag version 1.0, which originates from SQL injection due to incorrect manipulation of the parameter idSlide in the file /admin/slide.php...

9.8CVSS7.8AI score0.00277EPSS

Exploits1References6

Github Security Blog•added 2023/12/05 3:30 p.m.•19 views

Cross-Site Request Forgery in JFinalCMS

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/slide/save...

8.8CVSS7.5AI score0.00268EPSS

Exploits1References3Affected Software1

Github Security Blog•added 2023/12/05 3:30 p.m.•14 views

Cross-Site Request Forgery in JFinalCMS

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF via /admin/slide/delete...

8.8CVSS7.5AI score0.00268EPSS

Exploits1References3Affected Software1

OSV•added 2023/12/05 3:30 p.m.•0 views

GHSA-R7W2-J96V-VW8M Cross-Site Request Forgery in JFinalCMS via /admin/slide/update

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/slide/update...

8.8CVSS5.9AI score0.00268EPSS

Exploits1References2

OSV•added 2023/12/05 3:30 p.m.•0 views

GHSA-9WVJ-WR2F-6MX6 Cross-Site Request Forgery in JFinalCMS

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/slide/save...

8.8CVSS5.9AI score0.00268EPSS

Exploits1References3

OSV•added 2023/12/05 3:30 p.m.•0 views

GHSA-CJ7J-23WF-MHRX Cross-Site Request Forgery in JFinalCMS

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF via /admin/slide/delete...

8.8CVSS5.9AI score0.00268EPSS

Exploits1References3

ATTACKERKB•added 2023/12/05 3:15 p.m.•1 views

CVE-2023-49373

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF via /admin/slide/delete...

8.8CVSS5.8AI score0.00268EPSS

Exploits1References2

ATTACKERKB•added 2023/12/05 3:15 p.m.•2 views

CVE-2023-49374

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/slide/update...

8.8CVSS5.8AI score0.00268EPSS

Exploits1References2

ATTACKERKB•added 2023/12/05 3:15 p.m.•0 views

CVE-2023-49372

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/slide/save...

8.8CVSS5.8AI score0.00268EPSS

Exploits1References2

NVD•added 2023/12/05 3:15 p.m.•11 views

CVE-2023-49372

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/slide/save...

8.8CVSS0.00268EPSS

Exploits1References1

NVD•added 2023/12/05 3:15 p.m.•9 views

CVE-2023-49373

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF via /admin/slide/delete...

8.8CVSS0.00268EPSS

Exploits1References1

OSV•added 2023/12/05 3:15 p.m.•12 views

CVE-2023-49373

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF via /admin/slide/delete...

8.8CVSS8.9AI score

Exploits0References1

Prion•added 2023/12/05 3:15 p.m.•12 views

Cross site request forgery (csrf)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF via /admin/slide/delete...

6.8CVSS7.7AI score0.00268EPSS

Exploits1References1Affected Software1

Prion•added 2023/12/05 3:15 p.m.•12 views

Cross site request forgery (csrf)

JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/slide/update...

6.8CVSS7.8AI score0.00268EPSS

Exploits1References1Affected Software1

CNNVD•added 2023/12/05 12:0 a.m.•0 views

JFinalCMS Security Vulnerability

JFinalCMS is a content management system by heyewei individual developer. A security vulnerability exists in JFinalCMS v5.0.0, which originates from a cross-site request forgery vulnerability in the /admin/slide/update component...

8.8CVSS8.5AI score0.00268EPSS

Exploits1References1

Positive Technologies•added 2023/12/05 12:0 a.m.•2 views

PT-2023-31186 · Jfinalcms · Jfinalcms

Name of the Vulnerable Software and Affected Versions: JFinalCMS version 5.0.0 Description: A Cross-Site Request Forgery CSRF issue was discovered in JFinalCMS. The vulnerability can be exploited via the /admin/slide/save API endpoint. Recommendations: For JFinalCMS version 5.0.0, update to a...

8.8CVSS8.7AI score0.00268EPSS

Exploits1References9

Positive Technologies•added 2023/12/05 12:0 a.m.•2 views

PT-2023-31187 · Jfinalcms · Jfinalcms

Name of the Vulnerable Software and Affected Versions: JFinalCMS version 5.0.0 Description: A Cross-Site Request Forgery CSRF issue was discovered in JFinalCMS. The issue is related to the /admin/slide/delete API endpoint. This allows for unauthorized actions to be performed on the application...

8.8CVSS8.5AI score0.00268EPSS

Exploits1References9

CNNVD•added 2023/12/05 12:0 a.m.•1 views

JFinalCMS Security Vulnerability

JFinalCMS is a content management system by heyewei personal developer. A security vulnerability exists in JFinalCMS v5.0.0, which originates from a cross-site request forgery vulnerability in the /admin/slide/delete component...

8.8CVSS8.4AI score0.00268EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by