177 matches found
J2eeFAST 安全漏洞
J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2eeFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the export function of the sqlfilte...
PT-2024-25138 · J2Eefast · J2Eefast
Name of the Vulnerable Software and Affected Versions: J2EEFAST version 2.7.0 Description: The issue is related to a SQL injection vulnerability. It occurs via the sql filter parameter in the unallocatedList function. This allows for potential exploitation. Recommendations: For J2EEFAST version...
CVE-2024-33153
CVE-2024-33153 affects J2EEFAST v2.7.0. A SQL injection vulnerability exists in the commentList() function via the sql_filter parameter due to lack of validation against externally entered SQL statements. Impact described in sources is high (confidentiality, integrity, and availability affected) ...
CVE-2024-33147
CVE-2024-33147 affects the J2EEFAST project, specifically version 2.7.0, with a SQL injection vulnerability in the authRoleList function exposed via the sql_filter parameter. The root cause is lack of input validation for external SQL statements in that function, enabling attackers to execute arb...
CVE-2024-33146
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the export function...
CVE-2024-33149
CVE-2024-33149 affects J2EEFAST v2.7.0, where a SQL injection vulnerability exists in the myProcessList function via the sql_filter parameter. Root cause described in CNVD-2024-33145 as lack of validation of externally provided SQL statements, enabling execution of arbitrary SQL commands and pote...
CVE-2024-33148
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the list function...
CVE-2024-33149
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the myProcessList function...
CVE-2024-33153
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the commentList function...
CVE-2024-33161
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the unallocatedList function...
CVE-2024-33164
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the authUserList function...
CVE-2024-33139
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the findpage function...
CVE-2024-33144
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the findApplyedTasksPage function in BpmTaskMapper.xml...
CVE-2024-33146
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the export function...
CVE-2024-33155
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the getDeptList function...
CVE-2024-33164
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the authUserList function...
J2eeFAST 安全漏洞
J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2eeFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from BpmTaskMapper.xml...
J2eeFAST 安全漏洞
J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2eeFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the findpage function of the...
J2EEFAST 安全漏洞
J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the unallocatedList function of the...
CVE-2024-33147
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the authRoleList function...