Lucene search
GoogleOSV:CVE-2022-37199HistoryAug 23, 2022 - 1:15 p.m.
CVE-2022-37199
2022-08-2313:15:08
Google
osv.dev
4
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
54.6%
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinal_cms/system/user/list.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jfinal_cms | eq | 2.1.0 | |
| jfinal_cms | eq | 4.1.5 | |
| jfinal_cms | eq | 2.5.0 | |
| jfinal_cms | eq | 2.4.0 | |
| jfinal_cms | eq | 1.3 | |
| jfinal_cms | eq | 1.4.1 | |
| jfinal_cms | eq | 4.1.0 | |
| jfinal_cms | eq | 3.1.1 | |
| jfinal_cms | eq | 2.3.0 | |
| jfinal_cms | eq | 4.3.0 |
References
Related
github
github
SQL injection in jflyfox jfinal
2022-08-24 00:00:29
cvelist
cvelist
CVE-2022-37199
2022-08-23 12:54:01
nvd
nvd
CVE-2022-37199
2022-08-23 13:15:08
osv
osv
SQL injection in jflyfox jfinal
2022-08-24 00:00:29
prion
prion
Sql injection
2022-08-23 13:15:00
cve
cve
CVE-2022-37199
2022-08-23 13:15:08
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
54.6%
Related for OSV:CVE-2022-37199