jflyfox/jfinal_cms issues and pull requests

#60 - jfinal CMS v5.1.0 has an unauthorization command execution vulnerability

Issue - State: open - Opened by kaoniniang2 3 months ago - 1 comment

#59 - [SECURITY] Use HTTPS to resolve dependencies in Maven Build

Pull Request - State: open - Opened by JLLeitschuh about 1 year ago - 1 comment

#58 - Jfinal_ CMS V5.1.0 has login.jsp written to RCE

Issue - State: open - Opened by ZccAcc over 1 year ago

#57 - jfinal CMS v5.1.0 has a arbitrary file reading vulnerability exists

Issue - State: open - Opened by nightcloudos over 1 year ago

#56 - Bump commons-fileupload from 1.3.3 to 1.5

Pull Request - State: open - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, java

#55 - Fixed several security vulnerabilities

Pull Request - State: open - Opened by Northind almost 2 years ago

#54 - jfinal CMS v5.1.0 has a command execution vulnerability exists

Issue - State: open - Opened by baimao-box almost 2 years ago - 5 comments

#53 - XSS vulnerability exists in jfinal_cms V5.1.0

Issue - State: open - Opened by superleeh about 2 years ago - 1 comment

#52 - Some SQL injection vulnerabilities exists in JFinal CMS 5.1.0

Issue - State: open - Opened by So4ms over 2 years ago

#51 - Some SQL injection vulnerabilities exists in JFinal CMS 5.1.0

Issue - State: open - Opened by So4ms over 2 years ago

#50 - jfinal_ CMS 5.1.0 has a SQL injection

Issue - State: open - Opened by AgainstTheLight over 2 years ago

#49 - There is a SQL injection vulnerability exists in JFinal CMS 5.1.0 again

Issue - State: open - Opened by jwt-123 over 2 years ago

#48 - There is a SQL injection vulnerability exists in JFinal CMS 5.1.0

Issue - State: open - Opened by jwt-123 over 2 years ago

#47 - CVE-2022-33113 - Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the publish blog module.

Pull Request - State: open - Opened by bmohanr-techie over 2 years ago - 6 comments

#46 - XSS vulnerability2 in jfinal_cms 5.1.0

Issue - State: open - Opened by Townmacro over 2 years ago

#45 - XSS vulnerability1 in jfinal_cms 5.1.0

Issue - State: open - Opened by Townmacro over 2 years ago

#44 - Issue ID: CVE-2022-33113

Pull Request - State: closed - Opened by bharathmohanraj over 2 years ago - 3 comments

#43 - jfinal_ CMS 5.1.0 SQL injection

Issue - State: open - Opened by zftishack over 2 years ago

#42 - XSS vulnerability in Jfinal_cms V5.1.0

Issue - State: open - Opened by playmood over 2 years ago

#41 - Bump mysql-connector-java from 8.0.18 to 8.0.28

Pull Request - State: open - Opened by dependabot[bot] over 2 years ago
Labels: dependencies, java

#40 - Bump fastjson from 1.2.62 to 1.2.83

Pull Request - State: open - Opened by dependabot[bot] over 2 years ago
Labels: dependencies, java

#39 - XSS vulnerability stored in the publish blog module of Jfinal_cms V5.1.0

Issue - State: open - Opened by arongmh over 2 years ago - 1 comment

#38 - SQL injection vulnerability exists in JFinal CMS 5.1.0

Issue - State: open - Opened by arongmh over 2 years ago

#37 - SQLI vul3 in jfinal_cms 5.1.0

Issue - State: open - Opened by zhangdafeihhh over 2 years ago

#36 - SQLI vul2 in jfinal_cms 5.1.0

Issue - State: open - Opened by zhangdafeihhh over 2 years ago

#35 - SQLI vul1 in jfinal_cms 5.1.0

Issue - State: open - Opened by zhangdafeihhh over 2 years ago - 1 comment

#34 - There is an xss vulnerability of HTTP header injection storage in jfinal_cms V5.1.0

Issue - State: open - Opened by qq87234770 almost 3 years ago

#33 - [CVE-2022-28505] SQL injection vulnerability exists in JFinal CMS 5.1.0

Issue - State: open - Opened by N1ce759 almost 3 years ago

#31 - jfinal_cms 5.1.0 file path injection vulnerability

Issue - State: open - Opened by luchua-bc almost 3 years ago

#30 - There is a stored xss vulnerability exists in jfinal_cms

Issue - State: open - Opened by afeng2016-s about 3 years ago

#30 - There is a stored xss vulnerability exists in jfinal_cms

Issue - State: open - Opened by afeng2016-s about 3 years ago

#29 - Arbitrary file reading vulnerability exists

Issue - State: open - Opened by hacker-mao about 3 years ago - 1 comment

#28 - Administrator Interface Command Execution Vulnerability

Issue - State: open - Opened by sp4zcmd over 3 years ago

#27 - File reading

Issue - State: open - Opened by e0mlja over 3 years ago - 2 comments

#26 - Bump jfinal from 4.7 to 4.9.11

Pull Request - State: open - Opened by dependabot[bot] over 3 years ago
Labels: dependencies, java

#25 - Fix unsafe `replaceFirst` call

Pull Request - State: closed - Opened by ghost over 3 years ago - 2 comments

#24 - SQL

Issue - State: closed - Opened by d3sh1n over 3 years ago

#23 - [SECURITY] Denial of service because of unsafe regex processing

Issue - State: closed - Opened by ghost over 3 years ago - 3 comments

#22 - Where to report a security vulnerability?

Issue - State: closed - Opened by ghost over 3 years ago

#21 - Bump commons-io from 2.4 to 2.7

Pull Request - State: closed - Opened by dependabot[bot] almost 4 years ago
Labels: dependencies, java

#20 - jfinal_cms.war中没有主清单属性

Issue - State: closed - Opened by yanxianhe over 4 years ago - 1 comment

#19 - A Stored XSS vulnerability exists in jfinal_cms v5.1.0

Issue - State: closed - Opened by Al1ex over 4 years ago - 1 comment

#18 - A Stored XSS vulnerability exists in jfinal_cms v5.1.0

Issue - State: closed - Opened by Al1ex over 4 years ago - 1 comment

#17 - Bump commons-fileupload from 1.3.1 to 1.3.3

Pull Request - State: closed - Opened by dependabot[bot] almost 5 years ago
Labels: dependencies, java

#16 - Bump jquery from 2.2.4 to 3.5.0 in /src/main/webapp/static/component/filemanager/scripts/zeroclipboard

Pull Request - State: closed - Opened by dependabot[bot] almost 5 years ago
Labels: dependencies

#15 - Administrator Interface SSTI Vulnerability

Issue - State: open - Opened by Lilc1 almost 5 years ago - 2 comments

#14 - Arbitrary file upload vulnerability

Issue - State: open - Opened by SummerSec almost 5 years ago - 2 comments

#13 - 无法在CentOS上使用mvn部署

Issue - State: closed - Opened by CHN-STUDENT over 5 years ago - 1 comment

#12 - SQL injection in user role listing

Issue - State: closed - Opened by ztz472947849 almost 6 years ago - 1 comment

#11 - Regex sanitizer bypass to arbitrary file read and directory traversal

Issue - State: closed - Opened by ztz472947849 almost 6 years ago - 1 comment

#10 - CSRF to remote code execution

Issue - State: closed - Opened by ztz472947849 almost 6 years ago - 3 comments

#9 - Unsanitized 500 error message causing reflective XSS

Issue - State: closed - Opened by ztz472947849 almost 6 years ago - 1 comment

#8 - Unsanitized comments causing a stored XSS vulnerability

Issue - State: closed - Opened by ztz472947849 almost 6 years ago - 1 comment

#7 - sql咨询

Issue - State: closed - Opened by github-nbj about 6 years ago - 1 comment

#6 - 附件上传文件大小设置在哪啊？？？

Issue - State: closed - Opened by Chris-YiMing over 6 years ago - 1 comment

#5 - 我能否迁移到 Spring MVC 以及是否现实

Issue - State: closed - Opened by reeselaye over 6 years ago - 1 comment

#4 - 前后端加密做了吗?传输中加密做了吗

Issue - State: closed - Opened by ithjz almost 7 years ago - 1 comment

#3 - 项目运行时报503错误

Issue - State: closed - Opened by yuchen931201 over 7 years ago - 1 comment

#2 - 下载模块

Issue - State: closed - Opened by spiritelf over 7 years ago - 1 comment

#1 - java.lang.NoClassDefFoundError

Issue - State: closed - Opened by wangxp2016 about 8 years ago - 3 comments

GitHub / jflyfox/jfinal_cms issues and pull requests