J2EEFAST SysLoginInfoMapper.xml File SQL Injection Vulnerability

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the SysLoginInfoMapper.xml findPage...

CVE-2024-35083

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysLoginInfoMapper.xml...

CVE-2024-35083

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysLoginInfoMapper.xml...

CVE-2024-35083

CVE-2024-35083 affects J2EEFAST v2.7.0 with a SQL injection vulnerability in SysLoginInfoMapper.xml findPage function. Root cause stated as lack of validation of external input SQL statements, enabling an attacker to execute arbitrary SQL and potentially steal data. The CVSS v3.1 score is 8.8 ( H...

PT-2024-26312 · J2Eefast · J2Eefast

Name of the Vulnerable Software and Affected Versions: J2EEFAST version 2.7.0 Description: A SQL injection issue was discovered via the findPage function in SysLoginInfoMapper.xml. This allows for potential exploitation. Recommendations: For J2EEFAST version 2.7.0, consider restricting access to...