Lucene search
K

6 matches found

Nuclei
Nuclei
added yesterday182 views

AJ-Report < 1.4.1 - Remote Code Execution

AJ-Report before version 1.4.1 is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java code on the victim server through script engine injection in the validation rul...

9.8CVSS6.3AI score0.51468EPSS
Exploits1References4
VulnCheck KEV
VulnCheck KEV
added 2025/05/27 12:0 a.m.6 views

VulnCheck KEV: CVE-2024-7314

anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java on the victim server. Exploitation evidence was observed by the Shadowserver Foundation on...

9.8CVSS6AI score0.51468EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:0 p.m.17 views

CVE-2024-7314

anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java on the victim server. Exploitation evidence was observed by the Shadowserver Foundation on...

9.8CVSS7.8AI score0.51468EPSS
Exploits1References1
Circl
Circl
added 2024/08/02 7:52 p.m.21 views

CVE-2024-7314

creationtimestamp| type| source ---|---|--- 2024-08-02 19:52:13+00:00| seen| https://t.me/cvedetector/2356 2025-04-04 06:21:26+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-7314.yaml 2025-04-04 21:02:09+00:00| seen|...

9.8CVSS5.8AI score0.51468EPSS
In wildExploits1References6
OSV
OSV
added 2024/08/02 5:16 p.m.5 views

CVE-2024-7314

anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java on the victim server. Exploitation evidence was observed by the Shadowserver Foundation on...

9.8CVSS6.1AI score0.51468EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/08/02 4:33 p.m.20 views

CVE-2024-7314 anji-plus AJ-Report Authentication Bypass

anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java on the victim server. Exploitation evidence was observed by the Shadowserver Foundation on...

9.8CVSS7.4AI score0.51468EPSS
Exploits1References4
Rows per page
Query Builder