592 matches found
SQL Injection Vulnerability in jfinal cms Backend
jfinal cms is a java developed information and counseling website. A SQL injection vulnerability exists in the backend of jfinal cms. An attacker can exploit the vulnerability to obtain sensitive database information...
Command execution vulnerability in jfinal framework
jfinal is based on the Java language of the very fast WEB + ORM framework. A command execution vulnerability exists in the jfinal framework. An attacker can exploit this vulnerability to gain server privileges...
SQL Injection Vulnerability in JFinalOA
JFinalOA is based on the JFinal framework for the development of enterprise office systems . JFinalOA has a SQL injection vulnerability that can be exploited by an attacker to obtain sensitive information from the database...
File upload vulnerability in jfinal
jfinal is based on the Java language of the extremely fast WEB + ORM framework . jfinal has a file upload vulnerability that can be exploited by an attacker to gain control of the server...
SQL Injection Vulnerability in JFinalOA Frontend
JFinalOA is based on the JFinal framework for the development of enterprise office systems . JFinalOA front-end SQL injection vulnerability can be exploited by attackers to obtain sensitive database information...
Command execution vulnerability in jfinal cms
jfinal cms, using the simple and powerful JFinal as a web framework, template engine with beetl, database with mysql, front-end bootstrap, flat ui and other frameworks. jfinal cms has a command execution vulnerability that can be exploited by an attacker to obtain server administrative privileges...
XSS Vulnerability at jfinal cms publishing blog posts
jfinal cms is a java development of powerful information consulting website , using a simple and powerful JFinal as the web framework , template engine with beetl, database with mysql, front-end bootstrap framework. jfinal cms publish blog posts at the existence of XSS vulnerabilities , attackers...
XSS Vulnerability in jfinal cms User Profile Edit
jfinal cms is a java development of powerful information consulting website , using a simple and powerful JFinal as the web framework , template engine with beetl, database with mysql, front-end bootstrap framework. jfinal cms user profile editing XSS vulnerability , an attacker can exploit the...
XSS Vulnerability at jfinal cms comment feeds
jfinal cms is a java development of powerful information consulting website , using a simple and powerful JFinal as the web framework , template engine with beetl, database with mysql, front-end bootstrap framework. jfinal cms feedback at the existence of XSS vulnerability , an attacker can explo...
CVE-2019-17352
In JFinal cos before 2019-08-13, as used in JFinal 4.4, there is a vulnerability that can bypass the isSafeFile function: one can upload any type of file. For example, a .jsp file may be stored and almost immediately deleted, but this deletion step does not occur for certain exceptions...
CVE-2019-17352
In JFinal cos before 2019-08-13, as used in JFinal 4.4, there is a vulnerability that can bypass the isSafeFile function: one can upload any type of file. For example, a .jsp file may be stored and almost immediately deleted, but this deletion step does not occur for certain exceptions...
Design/Logic Flaw
In JFinal cos before 2019-08-13, as used in JFinal 4.4, there is a vulnerability that can bypass the isSafeFile function: one can upload any type of file. For example, a .jsp file may be stored and almost immediately deleted, but this deletion step does not occur for certain exceptions...
CVE-2019-17352
CVE-2019-17352 affects JFinal cos prior to 2019-08-13 (JFinal 4.4). The isSafeFile() check can be bypassed, allowing upload of any file type (e.g., .jsp) with deletion not consistently executed; no remediation details are provided in the supplied documents.
CVE-2019-17352
In JFinal cos before 2019-08-13, as used in JFinal 4.4, there is a vulnerability that can bypass the isSafeFile function: one can upload any type of file. For example, a .jsp file may be stored and almost immediately deleted, but this deletion step does not occur for certain exceptions...
File Upload Vulnerability in Jfinal cms Backend Template Management System
Jfinal cms, using a simple and powerful JFinal as a web framework, template engine with beetl, database with mysql, front-end bootstrap, flat ui and other frameworks. Jfinal cms back-end template management system exists file upload vulnerability, its back-end template management system exists...
File Upload Vulnerability in Jfinal cms Backend Video Management Service
Jfinal cms, using a simple and powerful JFinal as a web framework, template engine with beetl, database with mysql, front-end bootstrap, flat ui and other frameworks. Jfinal cms background video management system file upload vulnerability , its background article video at the existence of arbitra...
Jfinal cms backend image management has file upload vulnerability
Jfinal cms, using a simple and powerful JFinal as a web framework, template engine with beetl, database with mysql, front-end bootstrap, flat ui and other frameworks. Jfinal cms background image management system file upload vulnerability , its background image management system file upload...
File upload vulnerability in Jfinal cms backend site administration
Jfinal cms uses a simple and powerful JFinal as a web framework, template engine with beetl, database with mysql, front-end bootstrap, flat ui and other frameworks. Jfinal cms back-end site management system there is a file upload vulnerability , its back-end site management system there is an...
File Upload Vulnerability in Jfinal cms Backend Article Management System
Jfinal cms, using a simple and powerful JFinal as a web framework, template engine with beetl, database with mysql, front-end bootstrap, flat ui and other frameworks. Jfinal cms back-end article management system file upload vulnerability , its back-end article management system file upload...
Jfinal cms backend column scrolling image at the existence of file upload vulnerability
Jfinal cms, using a simple and powerful JFinal as a web framework, template engine with beetl, database with mysql, front-end bootstrap, flat ui and other frameworks. Jfinal cms background column scrolling picture at the existence of file upload vulnerability, its background column management...