4 matches found
CVE-2025-49931
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crocoblock JetSearch jet-search allows Blind SQL Injection. This issue affects JetSearch: from n/a through <= 3.5.10...
PT-2025-43194
Name of the Vulnerable Software and Affected Versions: CrocoBlock JetSearch versions through 3.5.10 Description: The software contains a flaw due to improper neutralization of input during web page generation, leading to a Reflected Cross-Site Scripting (XSS) condition. This allows an attacker to...
Apache CXF Resource Management Error Vulnerability
Apache CXF is an open source Web services framework from the US Apache Foundation. The framework supports a variety of Web services standards, a variety of front-end programming APIs and so on. A resource management error vulnerability exists in Apache CXF versions prior to 3.5.10, 3.6.5,...
PT-2024-26903 · Unknown · Reposilite
Name of the Vulnerable Software and Affected Versions: Reposilite versions 3.5.10 through 3.5.11 Description: The issue is related to an Arbitrary File Read vulnerability via path traversal while serving expanded javadoc files. This occurs because the GET /javadoc/repository//raw/ route uses the...