Every CVE whose affected-product data names Heyewei Jfinalcms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2024-57665 — CVSS 9.8 (critical): JFinalCMS 1.0 is vulnerable to SQL Injection in rc/main/java/com/cms/entity/Content.java. The cause of the vulnerability is that the title…
CVE-2024-8782 — CVSS 6.3 (medium): A vulnerability was found in JFinalCMS up to 1.0. It has been rated as critical. This issue affects the function delete of the file…
CVE-2024-2568 — CVSS 4.7 (medium): A vulnerability has been found in heyewei JFinalCMS 5.0.0 and classified as critical. Affected by this vulnerability is an unknown…
CVE-2024-8706 — CVSS 4.3 (medium): A vulnerability was found in JFinalCMS up to 20240903. It has been classified as problematic. This affects the function update of the file…
CVE-2024-8694 — CVSS 3.8 (low): A vulnerability, which was classified as problematic, was found in JFinalCMS up to 20240903. This affects the function update of the file…
CVE-2024-5379 — CVSS 3.5 (low): A vulnerability was found in JFinalCMS up to 20240111. It has been rated as problematic. This issue affects some unknown processing of the…
CVE-2024-5310 — CVSS 2.4 (low): A vulnerability classified as problematic has been found in JFinalCMS up to 20221020. This affects an unknown part of the file…
CVE-2026-2200 — CVSS 2.4 (low): A weakness has been identified in heyewei JFinalCMS 5.0.0. This affects an unknown function of the file /admin/admin/save of the component…