Vulnerabilities (CVE)

Filtered by vendor Heyewei Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-6539 1 Heyewei 1 Springbootcms 2024-11-21 4.0 MEDIUM 3.5 LOW
A vulnerability classified as problematic has been found in heyewei SpringBootCMS up to 2024-05-28. Affected is an unknown function of the file /guestbook of the component Guestbook Handler. The manipulation of the argument Content leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-270450 is the identifier assigned to this vulnerability.
CVE-2024-8782 1 Heyewei 1 Jfinalcms 2024-09-19 6.5 MEDIUM 9.8 CRITICAL
A vulnerability was found in JFinalCMS up to 1.0. It has been rated as critical. This issue affects the function delete of the file /admin/template/edit. The manipulation of the argument name leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.