Jw5T

**Name of the Vulnerable Software and Affected Versions** JFinal CMS version 5.1.0 **Description** The issue allows for SQL Injection via the "/admin/advicefeedback/list" API endpoint. **Recommendations** For JFinal CMS version 5.1.0, update to a newer version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JFinal CMS version 5.1.0 **Description** The issue is related to SQL Injection. The affected interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection. **Recommendations** For JFinal CMS version 5.1.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JFinal CMS version 5.1.0 **Description** The issue is related to SQL injection. It is mentioned that the affected interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection. **Recommendations** For JFinal CMS version 5.1.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JFinal CMS version 5.1.0 **Description** The issue is related to SQL injection. It is mentioned that the affected interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection. **Recommendations** For JFinal CMS version 5.1.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Final CMS version 5.1.0 **Description** The issue is related to SQL Injection. **Recommendations** For Final CMS version 5.1.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JFinal CMS version 5.1.0 **Description** The issue is related to SQL Injection. It is mentioned that certain interfaces in JFinal CMS do not utilize the same component or filters but instead use their own SQL concatenation methods, which results in SQL injection. **Recommendations** For JFinal CMS version 5.1.0, consider disabling or restricting the use of SQL concatenation methods in affected interfaces until a patch is available. Restrict access to sensitive data to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JFinal CMS version 5.1.0 **Description** The issue is related to SQL injection. It affects interfaces that do not use the same component or have filters but instead use their own SQL concatenation methods, resulting in SQL injection. **Recommendations** For JFinal CMS version 5.1.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JFinal CMS version 5.1.0 **Description** The issue is related to SQL Injection. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For JFinal CMS version 5.1.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.