7 matches found
CVE-2022-38280
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/image/list...
CVE-2022-38280
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/image/list...
CVE-2022-38280
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/image/list...
CVE-2022-38280
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/image/list. The root cause is improper handling of user input in SQL queries within the affected endpoint. The CVSS v3.1 base metrics indicate a High impact on confidentiality, integrity, and availability (7.2, HIGH) with network access r...
CVE-2022-38280
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/image/list...
PT-2022-24335 · Jfinalcms · Jfinalcms
Name of the Vulnerable Software and Affected Versions: JFinal CMS version 5.1.0 Description: The issue is related to SQL Injection, which can be exploited via the "/admin/image/list" API endpoint. This allows for potential unauthorized access to sensitive data. Recommendations: For JFinal CMS...
JFinal SQL注入漏洞
JFinal is a Java-based WEB + ORM open source framework. JFinal CMS version 5.1.0 has a security vulnerability , the vulnerability stems from /admin/image/list SQL injection vulnerability...