3 matches found
CVE-2022-37199
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinalcms/system/user/list...
CVE-2022-37199
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /jfinalcms/system/user/list...
CVE-2022-37199
JFinal CMS 5.1.0 is affected by an SQL Injection in the endpoint /jfinal_cms/system/user/list. Multiple connected sources (Red Hat CVE entry, GHSA advisory, OSV/NVD listings) corroborate that JFinal CMS 5.1.0 is vulnerable to SQL injection via that path. The CVE description consistently states th...