4 matches found
J2EEFAST ProcessDefinitionMapper.xml File SQL Injection Vulnerability
J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from ProcessDefinitionMapper.xml findPag...
CVE-2024-35085
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in ProcessDefinitionMapper.xml...
CVE-2024-35085
CVE-2024-35085 affects J2EEFAST v2.7.0; a SQL injection exists in the findPage function of ProcessDefinitionMapper.xml due to insufficient input validation. Exploitation could allow an attacker to execute arbitrary SQL to access data, per multiple sources (CNVD/CNNVD, Red Hat, NVD). There is no c...
PT-2024-26314 · J2Eefast · J2Eefast
Name of the Vulnerable Software and Affected Versions: J2EEFAST version 2.7.0 Description: A SQL injection issue was found in the findPage function within ProcessDefinitionMapper.xml. Recommendations: For J2EEFAST version 2.7.0, consider restricting access to the findPage function in...