CVE-2022-38277: SQL Injection
First published: Fri Sep 09 2022(Updated: )
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/folderrollpicture/list.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Jflyfox Jfinal Cms | =5.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this JFinal CMS vulnerability?
The vulnerability ID for this JFinal CMS vulnerability is CVE-2022-38277.
What is the title of this JFinal CMS vulnerability?
The title of this JFinal CMS vulnerability is JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/folderrollpicture/list.
What is the severity of CVE-2022-38277?
The severity of CVE-2022-38277 is high with a severity value of 7.2.
Which version of JFinal CMS is affected by this vulnerability?
The version of JFinal CMS affected by this vulnerability is 5.1.0.
How can I fix the SQL Injection vulnerability in JFinal CMS 5.1.0?
To fix the SQL Injection vulnerability in JFinal CMS 5.1.0, it is recommended to apply the latest patches or updates provided by the Jflyfox Jfinal Cms project.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/jflyfox
- canonical/jflyfox jfinal cms
- version/jflyfox jfinal cms/5.1.0