Metrics
Affected Vendors & Products
Wed, 11 Dec 2024 18:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Jwillber
Jwillber jfinalcms |
|
Weaknesses | CWE-94 | |
CPEs | cpe:2.3:a:jwillber:jfinalcms:1.0:*:*:*:*:*:*:* | |
Vendors & Products |
Jwillber
Jwillber jfinalcms |
Mon, 09 Dec 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Jfinalcms Project
Jfinalcms Project jfinalcms |
|
CPEs | cpe:2.3:a:jfinalcms_project:jfinalcms:*:*:*:*:*:*:*:* | |
Vendors & Products |
Jfinalcms Project
Jfinalcms Project jfinalcms |
|
Metrics |
ssvc
|
Mon, 09 Dec 2024 01:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability was found in JFinalCMS 1.0. It has been rated as critical. Affected by this issue is the function update of the file \src\main\java\com\cms\controller\admin\TemplateController.java of the component Template Handler. The manipulation of the argument content leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |
Title | JFinalCMS Template TemplateController.java update command injection | |
Weaknesses | CWE-74 CWE-77 |
|
References |
| |
Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published: 2024-12-09T00:31:05.003Z
Updated: 2024-12-09T15:33:39.069Z
Reserved: 2024-12-08T16:58:59.907Z
Link: CVE-2024-12350
Updated: 2024-12-09T15:33:33.675Z
Status : Analyzed
Published: 2024-12-09T01:15:05.943
Modified: 2024-12-11T17:32:54.327
Link: CVE-2024-12350
No data.