{"id":"CVE-2022-28505","details":"Jfinal_cms 5.1.0 is vulnerable to SQL Injection via com.jflyfox.system.log.LogController.java.","modified":"2026-07-15T01:49:00.087875793Z","published":"2022-05-03T16:35:38Z","database_specific":{"cna_assigner":"mitre","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/28xxx/CVE-2022-28505.json"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/28xxx/CVE-2022-28505.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-28505"},{"type":"REPORT","url":"https://github.com/jflyfox/jfinal_cms/issues/33"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/jflyfox/jfinal_cms","events":[{"introduced":"f128a0d28bdaa80e6d38ff08c1b4fdc402eeed1e"},{"last_affected":"f128a0d28bdaa80e6d38ff08c1b4fdc402eeed1e"}],"database_specific":{"cpe":"cpe:2.3:a:jflyfox:jfinal_cms:5.1.0:*:*:*:*:*:*:*","extracted_events":[{"introduced":"5.1.0"},{"last_affected":"5.1.0"}],"source":"CPE_STRING"}}],"versions":["5.1.0","v5.1.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-28505.json"}}],"schema_version":"1.7.5"}