Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

37 matches found

RedhatCVE
RedhatCVEadded 2026/01/07 9:48 a.m.7 views

CVE-2022-27111

JfinalCMS 5.1.0 allows attackers to use the feedback function to send malicious XSS code to the administrator backend and execute it...

5.4CVSS6.4AI score0.00191EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2021-23834

Malware in sbrugna...

7.5CVSS7.6AI score0.00368EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-18363

Malicious code in bioql PyPI...

5.3CVSS4.9AI score0.00154EPSS
Exploits1References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-31650

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00191EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2021-29220

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.01057EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2021-32789

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00191EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/06/18 4:13 a.m.3 views

CVE-2025-6105

A vulnerability has been found in jflyfox jfinalcms 5.0.1 and classified as problematic. This vulnerability affects unknown code of the file HOME.java. The manipulation of the argument Logout leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed...

5.3CVSS4.6AI score0.00154EPSS
Exploits1References1
NVD
NVDadded 2025/06/16 5:15 a.m.7 views

CVE-2025-6105

A vulnerability has been found in jflyfox jfinalcms 5.0.1 and classified as problematic. This vulnerability affects unknown code of the file HOME.java. The manipulation of the argument Logout leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed...

8.8CVSS0.00154EPSS
Exploits1References4
CVE
CVEadded 2025/06/16 4:0 a.m.17 views

CVE-2025-6105

CVE-2025-6105 affects jflyfox jfinal_cms 5.0.1. The vulnerability is a cross-site request forgery in the HOME.java Logout argument, allowing remote abuse and potentially unauthorized operations. Exploitation is publicly disclosed; vendor response is noted as absent in the sources. Connected docum...

8.8CVSS4.7AI score0.00154EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichmentadded 2025/06/16 4:0 a.m.2 views

CVE-2025-6105 jflyfox jfinal_cms HOME.java cross-site request forgery

A vulnerability has been found in jflyfox jfinalcms 5.0.1 and classified as problematic. This vulnerability affects unknown code of the file HOME.java. The manipulation of the argument Logout leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed...

5.3CVSS7AI score0.00154EPSS
Exploits1References4
Cvelist
Cvelistadded 2025/06/16 4:0 a.m.10 views

CVE-2025-6105 jflyfox jfinal_cms HOME.java cross-site request forgery

A vulnerability has been found in jflyfox jfinalcms 5.0.1 and classified as problematic. This vulnerability affects unknown code of the file HOME.java. The manipulation of the argument Logout leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed...

5.3CVSS0.00154EPSS
Exploits1References4
RedhatCVE
RedhatCVEadded 2025/05/22 10:41 p.m.4 views

CVE-2022-28505

Jfinalcms 5.1.0 is vulnerable to SQL Injection via com.jflyfox.system.log.LogController.java...

7.2CVSS8.1AI score0.00255EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 6:37 p.m.4 views

CVE-2021-37262

JFinalcms 5.1.0 is vulnerable to regex injection that may lead to Denial of Service...

7.5CVSS7.1AI score0.00368EPSS
Exploits0References1
CVE
CVEadded 2023/02/03 12:0 a.m.115 views

CVE-2023-22975

CVE-2023-22975 is a cross-site scripting (XSS) vulnerability in JFinal CMS v5.1.0 where a crafted payload placed in the email parameter of the /front/person/profile.html endpoint can cause arbitrary web scripts/HTML to run in a user’s browser. RedHat/CNNVD/OSV/NVD entries corroborate the issue; r...

6.1CVSS5.8AI score0.00314EPSS
Exploits1References1Affected Software1
NVD
NVDadded 2022/05/05 1:15 p.m.8 views

CVE-2021-42242

A command execution vulnerability exists in jfinalcms 5.0.1 via com.jflyfox.component.controller.Ueditor...

9.8CVSS0.01057EPSS
Exploits1References1
OSV
OSVadded 2022/05/05 1:15 p.m.11 views

CVE-2021-42242

A command execution vulnerability exists in jfinalcms 5.0.1 via com.jflyfox.component.controller.Ueditor...

9.8CVSS7.1AI score
Exploits0References1
Prion
Prionadded 2022/05/05 1:15 p.m.12 views

Command injection

A command execution vulnerability exists in jfinalcms 5.0.1 via com.jflyfox.component.controller.Ueditor...

7.5CVSS9.5AI score0.01057EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/05/05 12:10 p.m.13 views

CVE-2021-42242

A command execution vulnerability exists in jfinalcms 5.0.1 via com.jflyfox.component.controller.Ueditor...

9.8AI score0.01057EPSS
Exploits1References1
CVE
CVEadded 2022/05/05 12:10 p.m.67 views

CVE-2021-42242

CVE-2021-42242 affects jfinal_cms 5.0.1; a command injection vulnerability exists via com.jflyfox.component.controller.Ueditor due to inadequate filtering of command-related characters, enabling arbitrary command execution. Descriptions across NVD, CNVD/CNNVD and OSV corroborate a remote command ...

9.8CVSS9.5AI score0.01057EPSS
Exploits1References1Affected Software1
NVD
NVDadded 2022/05/03 5:15 p.m.8 views

CVE-2022-28505

Jfinalcms 5.1.0 is vulnerable to SQL Injection via com.jflyfox.system.log.LogController.java...

7.2CVSS0.00255EPSS
Exploits1References1
Rows per page
Query Builder