CVE-2024-2568 | heyewei JFinalCMS 5.0.0 Custom Data Page delete sql injection

Inserito da Angelo Barbosa | Mar 17, 2024 | CVE

A vulnerability has been found in heyewei JFinalCMS 5.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/div_data/delete?divId=9 of the component Custom Data Page. The manipulation leads to sql injection.

This vulnerability is known as CVE-2024-2568. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-2568 | heyewei JFinalCMS 5.0.0 Custom Data Page delete sql injection

Post correlati

CVE-2024-43801 | Jellyfin up to 10.9.9 SVG File information disclosure

CVE-2023-42974 | Apple macOS App race condition

CVE-2024-0182 | SourceCodester Engineers Online Portal 1.0 Admin Login /admin/ username/password sql injection

CVE-2024-6062 | GPAC 2.5-DEV-rev228-g11067ea92-master MP4Box src/filters/load_text.c swf_svg_add_iso_sample null pointer dereference (Issue 2872)