Lucene search
K

7 matches found

NVD
NVD
added 2022/09/09 2:15 p.m.10 views

CVE-2022-38280

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/image/list...

7.2CVSS0.00874EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/09/09 2:15 p.m.4 views

CVE-2022-38280

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/image/list...

7.2CVSS5.9AI score0.00874EPSS
Exploits1References2
OSV
OSV
added 2022/09/09 2:15 p.m.14 views

CVE-2022-38280

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/image/list...

7.2CVSS8AI score
Exploits0References1
Cvelist
Cvelist
added 2022/09/09 1:40 p.m.18 views

CVE-2022-38280

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/image/list...

7.6AI score0.00874EPSS
Exploits1References1
CVE
CVE
added 2022/09/09 1:40 p.m.43 views

CVE-2022-38280

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/image/list. The root cause is improper handling of user input in SQL queries within the affected endpoint. The CVSS v3.1 base metrics indicate a High impact on confidentiality, integrity, and availability (7.2, HIGH) with network access r...

7.2CVSS7.3AI score0.00874EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/09/09 12:0 a.m.4 views

PT-2022-24335 · Jfinalcms · Jfinalcms

Name of the Vulnerable Software and Affected Versions: JFinal CMS version 5.1.0 Description: The issue is related to SQL Injection, which can be exploited via the "/admin/image/list" API endpoint. This allows for potential unauthorized access to sensitive data. Recommendations: For JFinal CMS...

7.2CVSS6.9AI score0.00874EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/09/09 12:0 a.m.3 views

JFinal SQL注入漏洞

JFinal is a Java-based WEB + ORM open source framework. JFinal CMS version 5.1.0 has a security vulnerability , the vulnerability stems from /admin/image/list SQL injection vulnerability...

7.2CVSS7.2AI score0.00874EPSS
Exploits1References2
Rows per page
Query Builder