Lucene search
GitHub Advisory DatabaseGHSA-WV39-F3VX-3V6QHistoryAug 24, 2022 - 12:00 a.m.
SQL injection in jflyfox jfinal
2022-08-2400:00:29
CWE-89
GitHub Advisory Database
github.com
8
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
54.6%
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinal_cms/system/role/list.
Affected configurations
Node
jfinaljfinalRange≤5.1.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| com.jflyfox:jflyfox_jfinal | le | 5.1.0 |
Related
osv
osv
SQL injection in jflyfox jfinal
2022-08-24 00:00:29
CVE-2022-37223
2022-08-23 14:15:08
nvd
nvd
CVE-2022-37223
2022-08-23 14:15:08
cvelist
cvelist
CVE-2022-37223
2022-08-23 13:31:07
prion
prion
Sql injection
2022-08-23 14:15:00
cve
cve
CVE-2022-37223
2022-08-23 14:15:08
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
54.6%
Related for GHSA-WV39-F3VX-3V6Q