JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/foldernotice/list.
jflyfox jfinal cms 5.1.0