6 matches found
AJ-Report < 1.4.1 - Remote Code Execution
AJ-Report before version 1.4.1 is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java code on the victim server through script engine injection in the validation rul...
VulnCheck KEV: CVE-2024-7314
anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java on the victim server. Exploitation evidence was observed by the Shadowserver Foundation on...
CVE-2024-7314
anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java on the victim server. Exploitation evidence was observed by the Shadowserver Foundation on...
CVE-2024-7314
creationtimestamp| type| source ---|---|--- 2024-08-02 19:52:13+00:00| seen| https://t.me/cvedetector/2356 2025-04-04 06:21:26+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-7314.yaml 2025-04-04 21:02:09+00:00| seen|...
CVE-2024-7314
anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java on the victim server. Exploitation evidence was observed by the Shadowserver Foundation on...
CVE-2024-7314 anji-plus AJ-Report Authentication Bypass
anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java on the victim server. Exploitation evidence was observed by the Shadowserver Foundation on...