4 matches found
CVE-2024-46535
creationtimestamp| type| source ---|---|--- 2024-10-14 20:01:12+00:00| seen| https://t.me/cvedetector/7828...
CVE-2024-46535
Jepaas v7.2.8 was discovered to contain a SQL injection vulnerability via the orderSQL parameter at /homePortal/loadUserMsg...
CVE-2024-46535
Jepaas v7.2.8 was discovered to contain a SQL injection vulnerability via the orderSQL parameter at /homePortal/loadUserMsg...
CVE-2024-46535
CVE-2024-46535 affects Jepaas v7.2.8, with a SQL injection vulnerability originating from lack of validation of the orderSQL parameter in the /homePortal/loadUserMsg endpoint. Underlying issue enables execution of arbitrary SQL statements and could lead to sensitive data disclosure, data tamperin...