漏洞组件 - Jfinal cms - 知道创宇 Seebug 漏洞平台

漏洞组件 — Jfinal cms

漏洞详情：: jfinal cms是一个java开发的功能强大的信息咨询网站，采用了简洁强大的JFinal作为web框架，模板引擎用的是beetl，数据库用mysql，前端bootstrap框架。支持oauth2认证、帐号注册、密码加密、评论及回复，消息提示，网站访问量统计，文章评论数和浏览量统计，回复管理，支持权限管理。后台模块包含：栏目管理，栏目公告，栏目滚动图片，文章管理，回复管理，意见反馈，我的相册，相册管理，图片管理，专辑管理、视频管理、缓存更新，友情链接，访问统计，联系人管理，模板管理，组织机构管理，用户管理，角色管理，菜单管理，数据字典管理。

SSV ID	提交时间	漏洞名称	人气 \| 评论
SSV-99691	2023-05-23	jfinal CMS v5.1.0代码执行漏洞(CVE-2023-30349)	4686 \| 0
SSV-97897	2019-04-01	Jfinal cms Backstage Site Management File Upload Vulnerability	1699 \| 0
SSV-97896	2019-04-01	Jfinal cms Background Article Management Office File Upload Vulnerability	1011 \| 0
SSV-97895	2019-04-01	Jfinal cms Background Image Management Office File Upload Vulnerability	895 \| 0
SSV-97894	2019-04-01	Jfinal cms Background Video Management Office File Upload Vulnerability	1119 \| 0
SSV-97893	2019-04-01	Jfinal cms Background Template Management Office File Upload Vulnerability	999 \| 0
SSV-97892	2019-04-01	Jfinal cms Background Scrolling Image File Upload Vulnerability	843 \| 0
SSV-97886	2019-03-29	Jfinal cms Any file renamed in the background, Getshell	2191 \| 0
SSV-97885	2019-03-29	Jfinal cms Any file deletion in the background	1755 \| 0
SSV-97884	2019-03-29	Jfinal cms background arbitrary file read	1811 \| 0
SSV-97883	2019-03-29	Jfinal cms Background directory traversal	1614 \| 0
SSV-97882	2019-03-29	Jfinal cms Any file read in the background template management office	1596 \| 0
SSV-97881	2019-03-29	Jfinal cms Background RCE	1697 \| 0
SSV-97879	2019-03-28	Jfinal cms profile stored XSS	1502 \| 0
SSV-97878	2019-03-28	Jfinal cms article stored XSS	852 \| 0
SSV-97877	2019-03-28	Jfinal cms regist stored XSS	793 \| 0
SSV-97876	2019-03-28	Jfinal cms comment stored XSS	689 \| 0
SSV-97875	2019-03-28	Jfinal cms advice stored XSS	755 \| 0