CVE-2024-35091

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysTenantMapper.xml...

J2EEFAST SysTenantMapper.xml file SQL injection vulnerability

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the SysTenantMapper.xml findPage...

CVE-2024-35091

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysTenantMapper.xml...

CVE-2024-35091

CVE-2024-35091 affects J2EEFAST v2.7.0 via SysTenantMapper.xml findPage, where missing input-validation enables SQL injection. Root cause: lack of external-input SQL validation in the findPage function. Impact: potential exposure of sensitive database data; CVSS v3.1 base score 9.8 (NETWORK, HIGH...

CVE-2024-35091

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysTenantMapper.xml...

PT-2024-26317 · J2Eefast · J2Eefast

Name of the Vulnerable Software and Affected Versions: J2EEFAST version 2.7.0 Description: A SQL injection issue was found in the findPage function in SysTenantMapper.xml, which can be exploited. Recommendations: For version 2.7.0, consider disabling the findPage function in SysTenantMapper.xml...