4 matches found
CVE-2021-38239
SQL Injection vulnerability in dataease before 1.2.0, allows attackers to gain sensitive information via the orders parameter to /api/sysmsg/list/1/10...
CVE-2021-38239
creationtimestamp| type| source ---|---|--- 2023-02-16 00:37:10+00:00| seen| https://t.me/cibsecurity/58301...
CVE-2021-38239
SQL Injection vulnerability in dataease before 1.2.0, allows attackers to gain sensitive information via the orders parameter to /api/sysmsg/list/1/10...
CVE-2021-38239
CVE-2021-38239 affects DataEase prior to 1.2.0. A SQL Injection vulnerability exists in the /api/sys_msg/list/1/10 endpoint, exploitable via the orders parameter to reveal sensitive information. The issue is confirmed in multiple sources within the provided documents (e.g., NVD/Red Hat entries al...