3 matches found
CVE-2024-33144
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the findApplyedTasksPage function in BpmTaskMapper.xml...
CVE-2024-33144
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the findApplyedTasksPage function in BpmTaskMapper.xml...
CVE-2024-33144
CVE-2024-33144 affects J2EEFAST v2.7.0. The vulnerability is a SQL injection in the sql_filter parameter of the findApplyedTasksPage function in BpmTaskMapper.xml. The underlying issue is lack of validation of external input in that parameter, enabling an attacker to craft SQL statements that cou...