3 matches found
CVE-2024-57665
JFinalCMS 1.0 is vulnerable to SQL Injection in rc/main/java/com/cms/entity/Content.java. The cause of the vulnerability is that the title parameter is controllable and is concatenated directly into filterSql without filtering...
CVE-2024-57665
creationtimestamp| type| source ---|---|--- 2025-01-29 22:29:59+00:00| seen| https://infosec.exchange/users/cve/statuses/113914006663904743 2025-01-29 23:15:48+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgw3ypsaat2f 2025-01-30 01:12:08+00:00|...
CVE-2024-57665
JFinalCMS 1.0 is vulnerable to SQL Injection in rc/main/java/com/cms/entity/Content.java. The cause of the vulnerability is that the title parameter is controllable and is concatenated directly into filterSql without filtering...