5 matches found
CVE-2024-12358
A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This affects an unknown part of the file /api/job/add/. The manipulation of the argument glueSource leads to os command injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2024-12358
creationtimestamp| type| source ---|---|--- 2024-12-09 04:35:11+00:00| seen| https://infosec.exchange/users/cve/statuses/113621002546203926 2024-12-09 07:10:06+00:00| seen| https://t.me/cvedetector/12360 2024-12-10 23:15:47+00:00| published-proof-of-concept| https://t.me/LeakDBMS/1529...
CVE-2024-12358 WeiYe-Jing datax-web add os command injection
A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This affects an unknown part of the file /api/job/add/. The manipulation of the argument glueSource leads to os command injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2024-12358
WeiYe-Jing datax-web 2.1.1 is affected by an OS command injection in the glueSource parameter of /api/job/add/. The vulnerability, described as critical, can be triggered remotely and has been disclosed publicly. Affected component is the /api/job/add/ processing logic; root cause is input manipu...
CVE-2024-12358 WeiYe-Jing datax-web add os command injection
A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This affects an unknown part of the file /api/job/add/. The manipulation of the argument glueSource leads to os command injection. It is possible to initiate the attack remotely. The exploit has been...