3 matches found
CVE-2022-37201
JFinal CMS 5.1.0 is vulnerable to SQL Injection...
CVE-2022-37201
JFinal CMS 5.1.0 is vulnerable to SQL Injection...
CVE-2022-37201
CVE-2022-37201 affects JFinal CMS 5.1.0. The Red Hat/NVD/etc indicate an SQL injection in multiple interfaces (e.g., /jfinal_cms/admin/contact/list and related id/name/menu-key paths) where SQL is directly concatenated without safe parameterization, enabling remote exploitation and potential data...