20 matches found
EUVD-2022-34894
Malicious code in bioql PyPI...
EUVD-2023-0824
Malicious code in bioql PyPI...
EUVD-2022-7226
Malicious code in bioql PyPI...
EUVD-2023-0911
Malicious code in bioql PyPI...
EUVD-2023-2563
Malicious code in bioql PyPI...
CVE-2023-47467
Directory Traversal vulnerability in jeecg-boot v.3.6.0 allows a remote privileged attacker to obtain sensitive information via the file directory structure...
CVE-2023-38905
SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions...
CVE-2022-47105
Jeecg-boot v3.4.4 was discovered to contain a SQL injection vulnerability via the component /sys/dict/queryTableData...
CVE-2022-45210
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/deleteRecycleBin...
CVE-2022-45207
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component updateNullByEmptyString...
CVE-2022-22880
Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /jeecg-boot/sys/user/queryUserByDepId...
CVE-2022-45206
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/duplicate/check...
CVE-2021-37306
An Insecure Permissions issue in jeecg-boot 2.4.5 and earlier allows remote attackers to gain escalated privilege and view sensitive information via the API URI /sys/user/checkOnlyUser?username=admin...
Jeecg-Boot Security Vulnerabilities
Jeecg-Boot is a low-code platform based on a code generator from the JeecgBoot community. A security vulnerability exists in Jeecg-Boot v3.5.3 and earlier versions, which stems from an arbitrary file read vulnerability in interface /testConnection...
CVE-2023-34659
jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability in the id parameter of the /jeecg-boot/jmreport/show interface...
PT-2023-24977 · Unknown · Jeecg-Boot
Name of the Vulnerable Software and Affected Versions: jeecg-boot version 3.5.0 Description: The issue concerns an unauthorized arbitrary file upload in the /jeecg-boot/jmreport/upload interface. This allows for potential malicious file uploads without proper authorization. Recommendations: For...
CVE-2022-45206
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/duplicate/check...
Out-of-bounds
A vulnerability was found in jeecg-boot. It has been declared as critical. This vulnerability affects unknown code of the file /api/. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...
CVE-2022-2647 jeecg-boot unrestricted upload
A vulnerability was found in jeecg-boot. It has been declared as critical. This vulnerability affects unknown code of the file /api/. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...
PT-2022-17882 · Unknown · Jeecg-Boot
Name of the Vulnerable Software and Affected Versions: jeecg-boot affected versions not specified Description: A critical issue has been found in jeecg-boot, affecting unknown code of the file "/api/". The manipulation of the file argument leads to unrestricted upload. The attack can be initiated...