2 matches found
CVE-2022-37202
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/advicefeedback/list...
CVE-2022-37202
CVE-2022-37202 affects JFinal CMS 5.1.0, where multiple interfaces (e.g., /admin/advicefeedback/list) expose SQL Injection due to unsafe SQL concatenation in distinct components. The CVSS 3.1 vector indicates NETWORK attack vector, LOW attack complexity, LOW privileges required, and high impact t...