CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

OSV•added 2025/01/16 6:15 p.m.•1 views

CVE-2024-57769

JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the component borrowmoney/listData?applyUser...

8.8CVSS5.8AI score0.00296EPSS

Exploits1References1

Vulnrichment•added 2025/01/16 12:0 a.m.•7 views

CVE-2024-57769

JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the component borrowmoney/listData?applyUser...

8.5AI score0.00296EPSS

Exploits1References1

CVE•added 2025/01/16 12:0 a.m.•45 views

CVE-2024-57769

CVE-2024-57769 affects JFinalOA prior to 2025.01.01, where a SQL injection flaw exists in the component borrowmoney/listData?applyUser . The issue is caused by improper handling of user input in this endpoint, enabling high-severity (C/H, I/H, A/H) impact per CVSS 3.1 with NETWORK attack vector, ...

8.8CVSS8.5AI score0.00296EPSS

Exploits1References1Affected Software1

CNNVD•added 2025/01/16 12:0 a.m.•1 views

JFinalOA 安全漏洞

JFinalOA is an enterprise office system based on the JFinal framework developed by rabbit individual developers. A security vulnerability exists in JFinalOA versions prior to v2025.01.01, which stems from the discovery of an SQL injection vulnerability via the component...

8.8CVSS7.9AI score0.00296EPSS

Exploits1References1