3 matches found
CVE-2022-28505
Jfinalcms 5.1.0 is vulnerable to SQL Injection via com.jflyfox.system.log.LogController.java...
CVE-2022-28505
Jfinalcms 5.1.0 is vulnerable to SQL Injection via com.jflyfox.system.log.LogController.java...
CVE-2022-28505
CVE-2022-28505 affects Jfinal_cms 5.1.0. The vulnerability is a SQL Injection in the server-side code, specifically in com.jflyfox.system.log.LogController.java, caused by missing validation of external input SQL statements. Public documents indicate that exploitation could lead to unauthorized S...