Jwillber Jfinalcms
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Jwillber Jfinalcms.
By the Year
In 2026 there have been 0 vulnerabilities in Jwillber Jfinalcms. Jfinalcms did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 3 | 8.80 |
It may take a day or so for new Jfinalcms vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jwillber Jfinalcms Security Vulnerabilities
JFinalCMS SQL Injection Vulnerability in File Content Handler
CVE-2024-12351
8.8 - High
- December 09, 2024
A vulnerability classified as critical has been found in JFinalCMS 1.0. This affects the function findPage of the file src\main\java\com\cms\entity\ContentModel.java of the component File Content Handler. The manipulation of the argument name leads to sql injection. It is possible to initiate the attack remotely.
SQL Injection
JFinalCMS Template Handler Command Injection Vulnerability
CVE-2024-12350
8.8 - High
- December 09, 2024
A vulnerability was found in JFinalCMS 1.0. It has been rated as critical. Affected by this issue is the function update of the file \src\main\java\com\cms\controller\admin\TemplateController.java of the component Template Handler. The manipulation of the argument content leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Code Injection
JFinalCMS: Cross-Site Request Forgery (CSRF) in Admin Tag Save Functionality
CVE-2024-12349
8.8 - High
- December 09, 2024
A vulnerability was found in JFinalCMS 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/tag/save. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Session Riding
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jwillber Jfinalcms or by Jwillber? Click the Watch button to subscribe.
