CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-18363

Malicious code in bioql PyPI...

5.3CVSS4.9AI score0.00154EPSS

Exploits1References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-51614

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.01289EPSS

Exploits1References1

RedhatCVE•added 2025/06/18 4:13 a.m.•3 views

CVE-2025-6105

A vulnerability has been found in jflyfox jfinalcms 5.0.1 and classified as problematic. This vulnerability affects unknown code of the file HOME.java. The manipulation of the argument Logout leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed...

5.3CVSS4.6AI score0.00154EPSS

Exploits1References1

NVD•added 2025/06/16 5:15 a.m.•7 views

CVE-2025-6105

8.8CVSS0.00154EPSS

Exploits1References4

OSV•added 2025/06/16 5:15 a.m.•1 views

CVE-2025-6105

8.8CVSS4.4AI score

Exploits0References4

Vulnrichment•added 2025/06/16 4:0 a.m.•2 views

CVE-2025-6105 jflyfox jfinal_cms HOME.java cross-site request forgery

5.3CVSS7AI score0.00154EPSS

Exploits1References4

CVE•added 2025/06/16 4:0 a.m.•17 views

CVE-2025-6105

CVE-2025-6105 affects jflyfox jfinal_cms 5.0.1. The vulnerability is a cross-site request forgery in the HOME.java Logout argument, allowing remote abuse and potentially unauthorized operations. Exploitation is publicly disclosed; vendor response is noted as absent in the sources. Connected docum...

8.8CVSS4.7AI score0.00154EPSS

Exploits1References4Affected Software1

Cvelist•added 2025/06/16 4:0 a.m.•10 views

CVE-2025-6105 jflyfox jfinal_cms HOME.java cross-site request forgery

5.3CVSS0.00154EPSS

Exploits1References4

CNNVD•added 2025/06/16 12:0 a.m.•1 views

jflyfox jfinal_cms 安全漏洞

jflyfox jfinalcms is jflyfox open source a jfinal cms is a java development of a powerful information consulting website , using a simple and powerful JFinal as a web framework , the template engine with beetl, the database with mysql, front-end bootstrap framework . Support oauth2 authentication...

8.8CVSS4.9AI score0.00154EPSS

Exploits1References5

Positive Technologies•added 2025/06/16 12:0 a.m.•1 views

PT-2025-25516 · Jflyfox · Jfinalcms

Name of the Vulnerable Software and Affected Versions: jflyfox jfinal cms version 5.0.1 Description: A cross-site request forgery issue has been identified, affecting the HOME.java file. The manipulation of the Logout argument can lead to this issue. The attack can be initiated remotely...

5.3CVSS4.4AI score0.00154EPSS

Exploits1References8

RedhatCVE•added 2025/05/23 1:58 a.m.•7 views

CVE-2023-47503

An issue in jflyfox jfinalCMS v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp component in the template management module...

9.8CVSS7.8AI score0.01289EPSS

Exploits1References1

NVD•added 2023/11/28 2:15 a.m.•9 views

CVE-2023-47503

An issue in jflyfox jfinalCMS v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp component in the template management module...

9.8CVSS0.01289EPSS

Exploits1References1

ATTACKERKB•added 2023/11/28 2:15 a.m.•0 views

CVE-2023-47503

An issue in jflyfox jfinalCMS v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp component in the template management module...

9.8CVSS7.7AI score0.01289EPSS

Exploits1References2

Cvelist•added 2023/11/28 12:0 a.m.•10 views

CVE-2023-47503

An issue in jflyfox jfinalCMS v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp component in the template management module...

9.8AI score0.01289EPSS

Exploits1References1

CVE•added 2023/11/28 12:0 a.m.•30 views

CVE-2023-47503

CVE-2023-47503 affects jflyfox jfinalCMS v5.1.0. Root cause: login.jsp in the template management module not properly restricted, enabling remote attackers to execute arbitrary code via a crafted script. Documented impact is arbitrary code execution with high severity (NVD CVSS 3.1 base score 9.8...

9.8CVSS9.5AI score0.01289EPSS

Exploits1References1Affected Software1

OSV•added 2022/08/24 12:0 a.m.•22 views

GHSA-5RF4-F24C-HPVH SQL injection in jflyfox jfinal

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinalcms/system/user/list...

9.8CVSS9.9AI score0.00245EPSS

Exploits1References3

Github Security Blog•added 2022/08/24 12:0 a.m.•21 views

SQL injection in jflyfox jfinal

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinalcms/system/role/list...

9.8CVSS9.7AI score0.00245EPSS

Exploits1References3Affected Software1

CNVD•added 2021/07/09 12:0 a.m.•8 views

SQL Injection Vulnerability in Jflyfox Blog System

Jflyfox is a java development of a powerful blog system . A SQL injection vulnerability exists in the Jflyfox blog system, which can be exploited by an attacker to obtain sensitive information from the database...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by