Lucene search
+L

177 matches found

CNNVD
CNNVD
added 2024/05/07 12:0 a.m.3 views

J2eeFAST 安全漏洞

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2eeFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the export function of the sqlfilte...

9.1CVSS8.2AI score0.0052EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/07 12:0 a.m.5 views

PT-2024-25138 · J2Eefast · J2Eefast

Name of the Vulnerable Software and Affected Versions: J2EEFAST version 2.7.0 Description: The issue is related to a SQL injection vulnerability. It occurs via the sql filter parameter in the unallocatedList function. This allows for potential exploitation. Recommendations: For J2EEFAST version...

5.3CVSS8.2AI score0.00244EPSS
Exploits0References4
CVE
CVE
added 2024/05/07 12:0 a.m.64 views

CVE-2024-33153

CVE-2024-33153 affects J2EEFAST v2.7.0. A SQL injection vulnerability exists in the commentList() function via the sql_filter parameter due to lack of validation against externally entered SQL statements. Impact described in sources is high (confidentiality, integrity, and availability affected) ...

9.8CVSS8.2AI score0.00557EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/05/07 12:0 a.m.64 views

CVE-2024-33147

CVE-2024-33147 affects the J2EEFAST project, specifically version 2.7.0, with a SQL injection vulnerability in the authRoleList function exposed via the sql_filter parameter. The root cause is lack of input validation for external SQL statements in that function, enabling attackers to execute arb...

8.8CVSS8.2AI score0.00547EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/07 12:0 a.m.9 views

CVE-2024-33146

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the export function...

8.3AI score0.0052EPSS
Exploits0References1
CVE
CVE
added 2024/05/07 12:0 a.m.69 views

CVE-2024-33149

CVE-2024-33149 affects J2EEFAST v2.7.0, where a SQL injection vulnerability exists in the myProcessList function via the sql_filter parameter. Root cause described in CNVD-2024-33145 as lack of validation of externally provided SQL statements, enabling execution of arbitrary SQL commands and pote...

8.1CVSS8.2AI score0.00483EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/05/07 12:0 a.m.20 views

CVE-2024-33148

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the list function...

8.1AI score0.0037EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/07 12:0 a.m.22 views

CVE-2024-33149

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the myProcessList function...

8.1AI score0.00483EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/07 12:0 a.m.28 views

CVE-2024-33153

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the commentList function...

8.1AI score0.00557EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/07 12:0 a.m.21 views

CVE-2024-33161

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the unallocatedList function...

8.1AI score0.00244EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/07 12:0 a.m.26 views

CVE-2024-33164

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the authUserList function...

8.1AI score0.00569EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/07 12:0 a.m.23 views

CVE-2024-33139

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the findpage function...

8.1AI score0.00514EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/07 12:0 a.m.20 views

CVE-2024-33144

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the findApplyedTasksPage function in BpmTaskMapper.xml...

8.1AI score0.00536EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/07 12:0 a.m.18 views

CVE-2024-33146

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the export function...

8.1AI score0.0052EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/07 12:0 a.m.12 views

CVE-2024-33155

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the getDeptList function...

8.3AI score0.00557EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/07 12:0 a.m.19 views

CVE-2024-33164

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the authUserList function...

8.3AI score0.00569EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/07 12:0 a.m.6 views

J2eeFAST 安全漏洞

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2eeFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from BpmTaskMapper.xml...

8.8CVSS8.3AI score0.00536EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/07 12:0 a.m.4 views

J2eeFAST 安全漏洞

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2eeFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the findpage function of the...

7.5CVSS8.2AI score0.00514EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/07 12:0 a.m.5 views

J2EEFAST 安全漏洞

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the unallocatedList function of the...

5.3CVSS8.2AI score0.00244EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/07 12:0 a.m.13 views

CVE-2024-33147

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the authRoleList function...

8.3AI score0.00547EPSS
Exploits0References1
Rows per page
Query Builder