7 matches found
CVE-2024-6681
Affected product: witmy my-springsecurity-plus (up to 2024-07-04). Vulnerability: SQL injection via manipulation of the argument params.dataScope in the endpoint /api/dept, leading to potential remote exploitation. Multiple sources confirm the issue and public disclosure of the exploit. Impact (a...
CVE-2024-6679 witmy my-springsecurity-plus role sql injection
A vulnerability classified as critical has been found in witmy my-springsecurity-plus up to 2024-07-04. Affected is an unknown function of the file /api/role. The manipulation of the argument params.dataScope leads to sql injection. It is possible to launch the attack remotely. The exploit has be...
CVE-2024-6679
CVE-2024-6679 affects witmy my-springsecurity-plus (up to 2024-07-04). The flaw exists in the /api/role endpoint where manipulating the argument params.dataScope enables SQL injection. It can be exploited remotely and the vulnerability has been publicly disclosed. Multiple sources (NVD, CVE List,...
PT-2024-37797 · Unknown · Witmy My-Springsecurity-Plus
Name of the Vulnerable Software and Affected Versions: witmy my-springsecurity-plus up to 2024-07-04 Description: A critical issue has been found, affecting some unknown functionality of the file /api/dept. The manipulation of the argument params.dataScope leads to SQL injection. The attack may b...
CVE-2024-37472
creationtimestamp| type| source ---|---|--- 2024-07-04 21:51:57+00:00| seen| https://t.me/cvedetector/67...
CVE-2024-6511
creationtimestamp| type| source ---|---|--- 2024-07-04 21:51:56+00:00| seen| https://t.me/cvedetector/66...
CVE-2024-39932
creationtimestamp| type| source ---|---|--- 2024-07-04 18:56:16+00:00| seen| https://t.me/cvedetector/61 2024-07-08 12:33:12+00:00| seen| https://t.me/truesecator/5943 2024-07-08 13:16:59+00:00| seen| Telegram/BsDKi1NO35aX5jFw-nQrwozL1BDFKqIrJaNXO44sTuUJDa1q 2026-05-29 16:00:06+00:00| seen|...