{"vulnerability": "CVE-2022-3720", "sightings": [{"uuid": "744d0ac8-03d3-4af3-9c37-3761101b7ffa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37202", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15396", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-37202\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/advicefeedback/list\n\ud83d\udccf Published: 2022-10-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-07T18:40:34.467Z\n\ud83d\udd17 References:\n1. https://github.com/AgainstTheLight/someEXP_of_jfinal_cms/blob/main/jfinal_cms/sql1.md\n2. https://github.com/AgainstTheLight/CVE-2022-37202/blob/main/README.md", "creation_timestamp": "2025-05-07T19:22:32.000000Z"}, {"uuid": "434dd1b0-e491-4f5c-813e-725f243fff4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37208", "type": "seen", "source": "https://t.me/cibsecurity/51316", "content": "\u203c CVE-2022-37208 (jfinal_cms) \u203c\n\nJFinal CMS 5.1.0 is vulnerable to SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-13T16:27:40.000000Z"}, {"uuid": "5574dc72-e7fc-45f2-9304-13517b3aa88e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37209", "type": "seen", "source": "https://t.me/cibsecurity/50539", "content": "\u203c CVE-2022-37209 \u203c\n\nJFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-28T02:36:19.000000Z"}, {"uuid": "30b9ad92-8f1b-44ea-af6d-82e1a50ed798", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37203", "type": "seen", "source": "https://t.me/cibsecurity/50067", "content": "\u203c CVE-2022-37203 \u203c\n\nJFinal CMS 5.1.0 is vulnerable to SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-19T20:38:21.000000Z"}, {"uuid": "a9ecff24-a762-43be-b96c-13b8ce8afaee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37207", "type": "seen", "source": "https://t.me/cibsecurity/49812", "content": "\u203c CVE-2022-37207 \u203c\n\nJFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-15T18:27:29.000000Z"}, {"uuid": "a54aaa93-05f0-47f7-8cbd-015c9f741796", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37205", "type": "seen", "source": "https://t.me/cibsecurity/50150", "content": "\u203c CVE-2022-37205 \u203c\n\nJFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-20T22:39:30.000000Z"}]}