Lucene search
K

178 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:49 p.m.9 views

CVE-2020-28865

An issue was discovered in PowerJob through 3.2.2, allows attackers to change arbitrary user passwords via the id parameter to /appinfo/save...

7.5CVSS6.9AI score0.00747EPSS
Exploits0
Veracode
Veracode
added 2024/12/11 7:8 a.m.14 views

SQL Injection

tech.powerjob, powerjob is vulnerable to SQL injection. The vulnerability is due to improper handling of the version parameter, which allows attackers to manipulate SQL queries...

9.8CVSS7.7AI score0.00409EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/11/11 9:15 p.m.3 views

CVE-2024-44546

Powerjob = 3.20 is vulnerable to SQL injection via the version parameter...

9.8CVSS5.8AI score0.00409EPSS
Exploits0References2
NVD
NVD
added 2024/11/11 9:15 p.m.20 views

CVE-2024-44546

Powerjob = 3.20 is vulnerable to SQL injection via the version parameter...

9.8CVSS0.00409EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/11 12:0 a.m.4 views

PowerJob 安全漏洞

PowerJob is an open source distributed computing and job scheduling framework from PowerJob Open Source that allows developers to easily schedule tasks in their applications. A security vulnerability exists in PowerJob version 3.20 and later, which stems from vulnerability to SQL injection attack...

9.8CVSS7.8AI score0.00409EPSS
Exploits0References3
CVE
CVE
added 2024/11/11 12:0 a.m.58 views

CVE-2024-44546

PowerJob is affected by a SQL injection vulnerability present in version parameter handling for PowerJob 3.20 and later. The issue is described across multiple sources (NVD/Red Hat/Veracode/CVE lists; PT Security) as a vulnerability in PowerJob >= 3.20 that allows SQL injection via the version...

9.8CVSS7.5AI score0.00409EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/11 12:0 a.m.8 views

CVE-2024-44546

Powerjob = 3.20 is vulnerable to SQL injection via the version parameter...

8.2AI score0.00409EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/11 12:0 a.m.22 views

CVE-2024-44546

Powerjob = 3.20 is vulnerable to SQL injection via the version parameter...

0.00409EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/11 12:0 a.m.4 views

PT-2024-31171 · Powerjob · Powerjob

Name of the Vulnerable Software and Affected Versions: Powerjob versions 3.20 and later Description: The issue allows for SQL injection via the version parameter. Recommendations: For Powerjob versions 3.20 and later, at the moment, there is no information about a newer version that contains a fi...

9.8CVSS8AI score0.00409EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/11/22 12:0 a.m.8 views

The vulnerability of distributed computing platforms and PowerJob task scheduling systems, related to incorrect default permissions, allows attackers to gain unauthorized access to protected information.

The vulnerability of distributed computing platforms and the PowerJob task scheduling system is related to incorrect default permissions. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

5.3CVSS5.9AI score0.09545EPSS
Exploits2References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/04 12:0 a.m.10 views

The vulnerability of distributed computing platforms and PowerJob’s task scheduling system, related to lack of access control, allows a intruder to gain unauthorized access to the user/save interface.

The vulnerability of distributed computing platforms and the PowerJob task scheduling system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to the user/save interface...

5.3CVSS5.9AI score0.02998EPSS
Exploits2References3Affected Software1
Veracode
Veracode
added 2023/08/22 5:16 a.m.15 views

Information Disclosure

tech.powerjob:powerjob-server-remote is vulnerable to Information Disclosure. The vulnerability exists in the way that PowerJob handles the appId parameter in the /container/list interface. An attacker is able to exploit this vulnerability by sending a specially crafted request to the PowerJob...

7.5CVSS6.2AI score0.00688EPSS
Exploits0References3Affected Software1
Veracode
Veracode
added 2023/08/21 9:26 a.m.17 views

Improper Access Control

PowerJob is vulnerable to Incorrect Access Control vulnerability. The vulnerability is due to not applying sufficient authorization checks on the POST /user/save end point. This can lead to an attacker creating users without any permissions...

5.3CVSS6.8AI score0.02998EPSS
Exploits2References1Affected Software1
Github Security Blog
Github Security Blog
added 2023/08/17 9:30 p.m.28 views

PowerJob incorrect access control vulnerability

An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list...

7.5CVSS6.6AI score0.00688EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/08/17 9:30 p.m.21 views

GHSA-443M-3FR6-W8WJ PowerJob incorrect access control vulnerability

An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list...

7.5CVSS7.3AI score0.00688EPSS
Exploits0References3
NVD
NVD
added 2023/08/17 8:15 p.m.24 views

CVE-2023-36106

An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list...

7.5CVSS7.4AI score0.00688EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/08/17 8:15 p.m.3 views

CVE-2023-36106

An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list...

7.5CVSS5.8AI score0.00688EPSS
Exploits0References3
OSV
OSV
added 2023/08/17 8:15 p.m.17 views

CVE-2023-36106

An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list...

7.5CVSS6.8AI score
Exploits0References2
Prion
Prion
added 2023/08/17 8:15 p.m.18 views

Improper access control

An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list...

5CVSS7.3AI score0.00688EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/08/17 12:0 a.m.4 views

PowerJob 安全漏洞

PowerJob is an open source distributed computing and job scheduling framework that allows developers to easily schedule tasks in their applications. A security vulnerability exists in powerjob version 4.3.2 and earlier versions, which stems from the presence of a buggy access control vulnerabilit...

7.5CVSS7.2AI score0.00688EPSS
Exploits0References3
Rows per page
Query Builder