JFinal SQL注入漏洞

JFinal is a Java language based WEB + ORM open source framework. JFinal CMS version 5.1.0 has a security vulnerability , the vulnerability stems from vulnerability to SQL injection attacks via /admin/advicefeedback/list...

CVE-2021-25647

Mobile application "Testes de Codigo" v11.3 and prior allows stored XSS by injecting a payload in the "feedback" message field causing it to be stored in the remote database and leading to its execution on client devices when loading the "feedback list", either by accessing the website directly o...

CVE-2021-25647

CVE-2021-25647 affects the mobile application “Testes de Codigo” up to version v11.3. The issue is a stored XSS in the feedback message field: payloads are stored in the remote database and later executed on client devices when loading the feedback list (via website or app). The available connect...

Testesdecodigogratis Testes de Codigo Cross-Site Scripting Vulnerability

Testesdecodigogratis Testes de Codigo is a mobile application from Testesdecodigogratis Portugal that provides users with driver's license learning. A cross-site scripting vulnerability exists in Testesdecodigogratis Testes de Codigo v11.3 and prior that allows storing the "Feedback" message fiel...