Vulnerabilities > Jflyfox > Jfinal CMS > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-16 | CVE-2023-34645 | Files or Directories Accessible to External Parties vulnerability in Jflyfox Jfinal CMS 5.1.0 jfinal CMS 5.1.0 has an arbitrary file read vulnerability. | 7.5 |
| 2022-10-26 | CVE-2022-37202 | SQL Injection vulnerability in Jflyfox Jfinal CMS 5.1.0 JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/advicefeedback/list | 8.8 |
| 2022-10-13 | CVE-2022-37208 | SQL Injection vulnerability in Jflyfox Jfinal CMS 5.1.0 JFinal CMS 5.1.0 is vulnerable to SQL Injection. | 8.8 |
| 2022-09-27 | CVE-2022-37209 | SQL Injection vulnerability in Jflyfox Jfinal CMS 5.1.0 JFinal CMS 5.1.0 is affected by: SQL Injection. | 8.8 |
| 2022-09-20 | CVE-2022-37205 | SQL Injection vulnerability in Jflyfox Jfinal CMS 5.1.0 JFinal CMS 5.1.0 is affected by: SQL Injection. | 8.8 |
| 2022-09-15 | CVE-2022-37201 | SQL Injection vulnerability in Jflyfox Jfinal CMS 5.1.0 JFinal CMS 5.1.0 is vulnerable to SQL Injection. | 8.8 |
| 2022-09-15 | CVE-2022-37207 | SQL Injection vulnerability in Jflyfox Jfinal CMS 5.1.0 JFinal CMS 5.1.0 is affected by: SQL Injection. | 8.8 |
| 2022-09-09 | CVE-2022-38272 | SQL Injection vulnerability in Jflyfox Jfinal CMS 5.1.0 JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/article/list. | 7.2 |
| 2022-09-09 | CVE-2022-38273 | SQL Injection vulnerability in Jflyfox Jfinal CMS 5.1.0 JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/article/list_approve. | 7.2 |
| 2022-09-09 | CVE-2022-38274 | SQL Injection vulnerability in Jflyfox Jfinal CMS 5.1.0 JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/comment/list. | 7.2 |