Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2025/09/11 12:0 a.m.5 views

PT-2025-37116

Name of the Vulnerable Software and Affected Versions: JEPaaS version 7.2.8 Description: A security issue has been identified in JEPaaS 7.2.8 affecting the doFilterInternal function within the Filter Handler component. This can lead to improper access controls and allows for remote execution of...

6.5CVSS6.3AI score0.00305EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 8:4 a.m.6 views

CVE-2024-51165

SQL injection vulnerability in JEPAAS7.2.8, via /je/rbac/rbac/loadLoginCount in the dateVal parameter, which could allow a remote user to submit a specially crafted query, allowing an attacker to retrieve all the information stored in the DB...

7.5CVSS7.6AI score0.00579EPSS
Exploits1References1
CVE
CVE
added 2024/12/10 12:0 a.m.68 views

CVE-2024-51165

The CVE-2024-51165 issue affects JEPAAS version 7.2.8. A SQL injection vulnerability exists in the /je/rbac/rbac/loadLoginCount endpoint, exploitable through the dateVal parameter to submit a crafted query and exfiltrate all database information. This is documented in Red Hat and NVD entries, whi...

7.5CVSS7.5AI score0.00579EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2024/11/15 4:15 p.m.16 views

CVE-2024-51164

Multiple parameters have SQL injection vulnerability in JEPaaS 7.2.8 via /je/login/btnLog/insertBtnLog, which could allow a remote user to submit a specially crafted query, allowing an attacker to retrieve all the information stored in the DB...

9.1CVSS0.00726EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/11/15 12:0 a.m.12 views

CVE-2024-51164

Multiple parameters have SQL injection vulnerability in JEPaaS 7.2.8 via /je/login/btnLog/insertBtnLog, which could allow a remote user to submit a specially crafted query, allowing an attacker to retrieve all the information stored in the DB...

9.3AI score0.00726EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/11/15 12:0 a.m.16 views

CVE-2024-51164

Multiple parameters have SQL injection vulnerability in JEPaaS 7.2.8 via /je/login/btnLog/insertBtnLog, which could allow a remote user to submit a specially crafted query, allowing an attacker to retrieve all the information stored in the DB...

0.00726EPSS
Exploits1References3
Rows per page
Query Builder