CVE-2025-10247

A security vulnerability has been detected in JEPaaS 7.2.8. This vulnerability affects the function doFilterInternal of the component Filter Handler. Such manipulation leads to improper access controls. The attack can be executed remotely. The exploit has been disclosed publicly and may be used...

JEPaaS 安全漏洞

JEPaaS is a rapid development platform from China's Kate Weiye JEPaaS. A security vulnerability exists in JEPaaS version 7.2.8. An attacker exploiting the vulnerability can retrieve all information stored in the database...

PT-2024-34547 · Jepaas · Jepaas

Name of the Vulnerable Software and Affected Versions: JEPAAS version 7.2.8 Description: The issue allows a remote user to submit a specially crafted query via the /je/rbac/rbac/loadLoginCount API endpoint in the dateVal parameter. This could enable an attacker to retrieve all the information...

JEPaaS 安全漏洞

JEPaaS is a rapid development platform from China Kate Weiye JEPaaS. A SQL injection vulnerability exists in JEPaaS v7.2.8, which originates from the lack of validation of the orderSQL parameter of /homePortal/loadUserMsg for externally entered SQL statements. An attacker can exploit this...