Lucene search
K

178 matches found

Vulnrichment
Vulnrichment
added 2023/08/17 12:0 a.m.10 views

CVE-2023-36106

An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list...

6.8AI score0.00688EPSS
Exploits0References2
CVE
CVE
added 2023/08/17 12:0 a.m.60 views

CVE-2023-36106

PowerJob is affected by an incorrect access control vulnerability in version 4.3.2 and earlier. The issue allows remote attackers to disclose sensitive information by querying the appId parameter on the /container/list interface. Public references (including Red Hat and Veracode analyses) describ...

7.5CVSS7.3AI score0.00688EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/08/17 12:0 a.m.29 views

CVE-2023-36106

An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list...

7.5AI score0.00688EPSS
Exploits0References2
CNVD
CNVD
added 2023/08/12 12:0 a.m.19 views

Inventory Management System is an inventory management system. A SQL injection vulnerability exists in Inventory Management System version 1.0, which originates from a SQL injection via the up_pid parameter on the edit_sell.php page. No details of the vulnerability are available at this time.

PowerJob Command Execution Vulnerability...

8CVSS7.1AI score0.01765EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/08/08 12:0 a.m.4 views

Microsoft SharePoint 安全漏洞

PowerJob Command Execution Vulnerability...

8CVSS7AI score0.01765EPSS
Exploits0References4
CNVD
CNVD
added 2023/08/03 12:0 a.m.17 views

PowerJob Command Execution Vulnerability

PowerJob is an open source distributed computing and job scheduling framework that allows developers to easily schedule tasks in their applications. A command execution vulnerability exists in PowerJob version 4.3.3, which stems from the parameter instanceId of /instance/detail failing to properl...

7.5CVSS7.2AI score0.26888EPSS
Exploits1Affected Software1
vulnersOsv
vulnersOsv
added 2023/07/28 3:30 p.m.4 views

dev.macula.boot:macula-boot-starter-powerjob (=5.0.0-RC2), io.github.shuigedeng:taotao-cloud-starter-job-powerjob (>=2023.02 <=2023.08) +21 more potentially affected by CVE-2023-37754 via tech.powerjob:powerjob-common (>=4.0.0 <=4.3.3)

tech.powerjob:powerjob-common MAVEN version =4.0.0, =2023.02, =2.0.0, =2.0.0, =4.0.0, =1.1.0, =4.3.1, =4.3.0, =4.3.0, =4.3.0, =4.3.1, =4.3.1, =4.3.1, =4.3.1, =4.3.1, =4.3.3 and more Source cves: CVE-2023-37754 Source advisory: OSV:GHSA-2H26-QFXM-R3PQ...

9.8CVSS7.2AI score0.26888EPSS
Exploits1
OSV
OSV
added 2023/07/28 3:30 p.m.8 views

GHSA-2H26-QFXM-R3PQ Code injection in PowerJob

PowerJob v4.3.3 was discovered to contain a remote command execution RCE vulnerability via the instanceId parameter at /instance/detail...

9.8CVSS6.2AI score0.26888EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2023/07/28 3:30 p.m.20 views

Code injection in PowerJob

PowerJob v4.3.3 was discovered to contain a remote command execution RCE vulnerability via the instanceId parameter at /instance/detail...

9.8CVSS7.4AI score0.26888EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/07/28 3:15 p.m.4 views

CVE-2023-37754

PowerJob v4.3.3 was discovered to contain a remote command execution RCE vulnerability via the instanceId parameter at /instance/detail...

9.8CVSS7.6AI score0.26888EPSS
Exploits1References4
NVD
NVD
added 2023/07/28 3:15 p.m.30 views

CVE-2023-37754

PowerJob v4.3.3 was discovered to contain a remote command execution RCE vulnerability via the instanceId parameter at /instance/detail...

9.8CVSS9.7AI score0.26888EPSS
Exploits1References3
OSV
OSV
added 2023/07/28 3:15 p.m.25 views

CVE-2023-37754

PowerJob v4.3.3 was discovered to contain a remote command execution RCE vulnerability via the instanceId parameter at /instance/detail...

9.8CVSS7.9AI score
Exploits0References3
Prion
Prion
added 2023/07/28 3:15 p.m.15 views

Command injection

PowerJob v4.3.3 was discovered to contain a remote command execution RCE vulnerability via the instanceId parameter at /instance/detail...

7.5CVSS9.7AI score0.26888EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/28 12:0 a.m.14 views

CVE-2023-37754

PowerJob v4.3.3 was discovered to contain a remote command execution RCE vulnerability via the instanceId parameter at /instance/detail...

7.9AI score0.26888EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/07/28 12:0 a.m.4 views

PowerJob 安全漏洞

PowerJob is an open source distributed computing and job scheduling framework that allows developers to easily schedule tasks in their applications. A command execution vulnerability exists in PowerJob version 4.3.3, which stems from the parameter instanceId of /instance/detail failing to properl...

9.8CVSS7.4AI score0.26888EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/07/28 12:0 a.m.11 views

PT-2023-26094 · Powerjob · Powerjob

Name of the Vulnerable Software and Affected Versions: PowerJob version 4.3.3 Description: A remote command execution issue was discovered, allowing exploitation via the instanceId parameter at the "/instance/detail" API endpoint. Recommendations: For PowerJob version 4.3.3, consider restricting...

9.8CVSS9.4AI score0.26888EPSS
Exploits1References8
Cvelist
Cvelist
added 2023/07/28 12:0 a.m.32 views

CVE-2023-37754

PowerJob v4.3.3 was discovered to contain a remote command execution RCE vulnerability via the instanceId parameter at /instance/detail...

9.9AI score0.26888EPSS
Exploits1References3
CVE
CVE
added 2023/07/28 12:0 a.m.66 views

CVE-2023-37754

CVE-2023-37754 affects PowerJob v4.3.3. The vulnerability is a remote command execution (RCE) via the instanceId parameter in the /instance/detail endpoint. The root cause is improper validation/filtering of constructor commands in the instanceId input, enabling arbitrary code/command execution o...

9.8CVSS9.6AI score0.26888EPSS
Exploits1References3Affected Software1
GithubExploit
GithubExploit
added 2023/05/23 6:6 a.m.369 views

Exploit for Incorrect Default Permissions in Powerjob

CVE-2023-29923 1. Prepare a url.txt file,...

5.3CVSS6AI score0.09545EPSS
Exploits3
Veracode
Veracode
added 2023/05/19 6:32 a.m.5 views

Remote Code Execution (RCE)

powerjob-server-core is vulnerable to Remote Code Execution RCE. The vulnerability exists because the library fails to implement access control, which allows an attacker to inject and execute malicious code through the template generator...

9.8CVSS7.5AI score0.01081EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder