2 matches found
CVE-2022-37205
JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection...
CVE-2022-37205
CVE-2022-37205 affects JFinal CMS 5.1.0. SQL Injection stems from multiple interfaces using their own SQL concatenation without filters, enabling high-impact access (C/H, I/H, A/H) per CVSS 3.1. Exploitation PoC exists on GitHub (AgainstTheLight) and a related exploit repo is linked in the connec...