Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

569 matches found

Nuclei
Nucleiadded 17 hours ago65 views

JeecgBoot v3.7.1 - SQL Injection

The JeecgBoot application is vulnerable to SQL Injection via the getTotalData endpoint. An attacker can exploit this vulnerability to extract sensitive information from the database by injecting SQL commands. id: CVE-2024-48307 info: name: JeecgBoot v3.7.1 - SQL Injection author: lbb,s4e-io...

9.8CVSS6AI score0.44295EPSS
Exploits1References2
Nuclei
Nucleiadded 17 hours ago281 views

JeecgBoot JimuReport - Template injection

A vulnerability was found in jeecgboot JimuReport up to 1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Template Handler. The manipulation leads to injection. The attack can be launched remotely. The exploit has been disclosed t...

9.8CVSS6.2AI score0.11407EPSS
Exploits0References3
Nuclei
Nucleiadded 17 hours ago24 views

JeecgBoot 3.5.0 - SQL Injection

jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show interface. id: CVE-2023-34659 info: name: JeecgBoot 3.5.0 - SQL Injection author: ritikchaddha severity: critical description: | jeecg-boot 3.5.0 and 3.5.1 have a SQL injection...

9.8CVSS7.4AI score0.1248EPSS
Exploits1References3
RedhatCVE
RedhatCVEadded 2026/06/09 2:59 p.m.7 views

CVE-2026-11502

A weakness has been identified in JeecgBoot up to 3.9.2. Impacted is the function HttpServletResponse.sendRedirect of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdLoginController.java of the component Third-Party Login. This manipulation of...

3.1CVSS4.7AI score0.0038EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/06/09 2:58 a.m.10 views

CVE-2026-11464

A vulnerability was identified in JeecgBoot up to 3.9.2. Affected by this vulnerability is the function queryPageList of the file src\main\java\org\jeecg\modules\system\controller\SysUserController.java of the component User List Endpoint. The manipulation of the argument salt leads to informatio...

3.1CVSS4.8AI score0.00321EPSS
Exploits0References1
NVD
NVDadded 2026/06/08 10:16 a.m.15 views

CVE-2026-11502

A weakness has been identified in JeecgBoot up to 3.9.2. Impacted is the function HttpServletResponse.sendRedirect of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdLoginController.java of the component Third-Party Login. This manipulation of...

3.1CVSS0.0038EPSS
Exploits0References7
EUVD
EUVDadded 2026/06/08 9:30 a.m.7 views

EUVD-2026-35037

A weakness has been identified in JeecgBoot up to 3.9.2. Impacted is the function HttpServletResponse.sendRedirect of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdLoginController.java of the component Third-Party Login. This manipulation of...

3.1CVSS4.7AI score0.0038EPSS
Exploits0References7
Cvelist
Cvelistadded 2026/06/08 9:30 a.m.38 views

CVE-2026-11502 JeecgBoot Third-Party Login ThirdLoginController.java HttpServletResponse.sendRedirect redirect

A weakness has been identified in JeecgBoot up to 3.9.2. Impacted is the function HttpServletResponse.sendRedirect of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdLoginController.java of the component Third-Party Login. This manipulation of...

3.1CVSS0.0038EPSS
Exploits0References7
ATTACKERKB
ATTACKERKBadded 2026/06/08 9:30 a.m.6 views

CVE-2026-11502

A weakness has been identified in JeecgBoot up to 3.9.2. Impacted is the function HttpServletResponse.sendRedirect of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdLoginController.java of the component Third-Party Login. This manipulation of...

3.1CVSS4.7AI score0.0038EPSS
Exploits0References7
Vulnrichment
Vulnrichmentadded 2026/06/08 9:30 a.m.5 views

CVE-2026-11502 JeecgBoot Third-Party Login ThirdLoginController.java HttpServletResponse.sendRedirect redirect

A weakness has been identified in JeecgBoot up to 3.9.2. Impacted is the function HttpServletResponse.sendRedirect of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdLoginController.java of the component Third-Party Login. This manipulation of...

3.1CVSS4.6AI score0.0038EPSS
Exploits0References7
EUVD
EUVDadded 2026/06/08 12:30 a.m.8 views

EUVD-2026-34995

A vulnerability was identified in JeecgBoot up to 3.9.2. Affected by this vulnerability is the function queryPageList of the file src\main\java\org\jeecg\modules\system\controller\SysUserController.java of the component User List Endpoint. The manipulation of the argument salt leads to informatio...

3.1CVSS4.9AI score0.00321EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2026/06/08 12:0 a.m.10 views

PT-2026-47264

A weakness has been identified in JeecgBoot up to 3.9.2. Impacted is the function HttpServletResponse.sendRedirect of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdLoginController.java of the component Third-Party Login. This manipulation of...

3.1CVSS4.6AI score0.0038EPSS
Exploits0References8
CNNVD
CNNVDadded 2026/06/08 12:0 a.m.6 views

JeecgBoot 输入验证错误漏洞

JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. JeecgBoot versions 3.9.2 and earlier contained a vulnerability related to input validation errors. This vulnerability originated from a function in the Third-Party Login component,...

3.1CVSS4.6AI score0.0038EPSS
Exploits0References1
NVD
NVDadded 2026/06/07 11:16 p.m.6 views

CVE-2026-11464

A vulnerability was identified in JeecgBoot up to 3.9.2. Affected by this vulnerability is the function queryPageList of the file src\main\java\org\jeecg\modules\system\controller\SysUserController.java of the component User List Endpoint. The manipulation of the argument salt leads to informatio...

3.1CVSS0.00321EPSS
Exploits0References7
ATTACKERKB
ATTACKERKBadded 2026/06/07 10:30 p.m.8 views

CVE-2026-11464

A vulnerability was identified in JeecgBoot up to 3.9.2. Affected by this vulnerability is the function queryPageList of the file src\main\java\org\jeecg\modules\system\controller\SysUserController.java of the component User List Endpoint. The manipulation of the argument salt leads to informatio...

3.1CVSS4.8AI score0.00321EPSS
Exploits0References7
CVE
CVEadded 2026/06/07 10:30 p.m.23 views

CVE-2026-11464

JeecgBoot v3.9.2 and earlier are affected by CVE-2026-11464. The vulnerability is in the User List Endpoint, specifically the function queryPageList in SysUserController.java. Manipulating the salt argument leads to information disclosure. The issue can be triggered remotely and is described as h...

3.1CVSS4.9AI score0.00321EPSS
Exploits0References7
Cvelist
Cvelistadded 2026/06/07 10:30 p.m.29 views

CVE-2026-11464 JeecgBoot User List Endpoint SysUserController.java queryPageList information disclosure

A vulnerability was identified in JeecgBoot up to 3.9.2. Affected by this vulnerability is the function queryPageList of the file src\main\java\org\jeecg\modules\system\controller\SysUserController.java of the component User List Endpoint. The manipulation of the argument salt leads to informatio...

3.1CVSS0.00321EPSS
Exploits0References7
Vulnrichment
Vulnrichmentadded 2026/06/07 10:30 p.m.6 views

CVE-2026-11464 JeecgBoot User List Endpoint SysUserController.java queryPageList information disclosure

A vulnerability was identified in JeecgBoot up to 3.9.2. Affected by this vulnerability is the function queryPageList of the file src\main\java\org\jeecg\modules\system\controller\SysUserController.java of the component User List Endpoint. The manipulation of the argument salt leads to informatio...

3.1CVSS4.9AI score0.00321EPSS
Exploits0References7
CNNVD
CNNVDadded 2026/06/07 12:0 a.m.5 views

JeecgBoot 访问控制错误漏洞

JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. JeecgBoot versions 3.9.2 and earlier contain an access control vulnerability. This vulnerability stems from the function queryPageList in the User List Endpoint component, which process...

3.1CVSS4.7AI score0.00321EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2026/06/07 12:0 a.m.9 views

PT-2026-47195

Name of the Vulnerable Software and Affected Versions JeecgBoot versions prior to 3.9.3 Description An information disclosure issue exists in the User List Endpoint. The manipulation of the salt argument within the queryPageList function of the...

3.1CVSS5.2AI score0.00321EPSS
Exploits0References10
Rows per page
Query Builder