7 matches found
EUVD-2024-27517
Malicious code in bioql PyPI...
CVE-2024-24029
JFinalCMS 5.0.0 is vulnerable to SQL injection via /admin/content/data...
CVE-2024-12351
A vulnerability classified as critical has been found in JFinalCMS 1.0. This affects the function findPage of the file src\main\java\com\cms\entity\ContentModel.java of the component File Content Handler. The manipulation of the argument name leads to sql injection. It is possible to initiate the...
CVE-2024-57665
JFinalCMS 1.0 is vulnerable to SQL Injection in rc/main/java/com/cms/entity/Content.java. The cause of the vulnerability is that the title parameter is controllable and is concatenated directly into filterSql without filtering...
CVE-2024-57665
The CVE-2024-57665 entry concerns JFinalCMS 1.0, where SQL Injection arises in rc/main/java/com/cms/entity/Content.java because the title parameter is user-controlled and concatenated directly into filterSql without filtering. Affects Content.java logic; impact is high (as per CVSS 3.1: Critical,...
CVE-2024-40322
An issue was discovered in JFinalCMS v.5.0.0. There is a SQL injection vulnerability via /admin/divdata/data...
CVE-2024-24029
JFinalCMS 5.0.0 is vulnerable to SQL injection via /admin/content/data...