AgainstTheLight/someEXP_of_jfinal_cms

Releases0

Stars2

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-37202 ↗	Oct 26, 2022Wednesday, 26 October 2022, 18:15	8.8 HIGH	—
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/advicefeedback/list
CVE-2022-37208 ↗	Oct 13, 2022Thursday, 13 October 2022, 12:15	8.8 HIGH	—
JFinal CMS 5.1.0 is vulnerable to SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
CVE-2022-37209 ↗	Sep 27, 2022Tuesday, 27 September 2022, 23:15	8.8 HIGH	—
JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
CVE-2022-37205 ↗	Sep 20, 2022Tuesday, 20 September 2022, 18:15	8.8 HIGH	—
JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
CVE-2022-37204 ↗	Sep 20, 2022Tuesday, 20 September 2022, 17:15	9.8 CRITICAL	—
Final CMS 5.1.0 is vulnerable to SQL Injection.
CVE-2022-37203 ↗	Sep 19, 2022Monday, 19 September 2022, 16:15	9.8 CRITICAL	—
JFinal CMS 5.1.0 is vulnerable to SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.
CVE-2022-37201 ↗	Sep 15, 2022Thursday, 15 September 2022, 16:15	8.8 HIGH	—
JFinal CMS 5.1.0 is vulnerable to SQL Injection.
CVE-2022-37207 ↗	Sep 15, 2022Thursday, 15 September 2022, 15:15	8.8 HIGH	—
JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection