Lucene search
+L

6 matches found

nuclei
nuclei
added 5 hours ago190 views

AJ-Report < 1.4.1 - Remote Code Execution

AJ-Report before version 1.4.1 is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java code on the victim server through script engine injection in the validation rul...

9.8CVSS7.3AI score0.51468EPSS
Exploits2References4
vulncheck_kev
vulncheck_kev
added 2025/05/27 12:0 a.m.8 views

VulnCheck KEV: CVE-2024-7314

anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java on the victim server. Exploitation evidence was observed by the Shadowserver Foundation on...

9.8CVSS6AI score0.51468EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/02/05 12:0 p.m.18 views

CVE-2024-7314

anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java on the victim server. Exploitation evidence was observed by the Shadowserver Foundation on...

9.8CVSS7.8AI score0.51468EPSS
Exploits2References1
circl
circl
added 2024/08/02 7:52 p.m.27 views

CVE-2024-7314

creationtimestamp| type| source ---|---|--- 2024-08-02 19:52:13+00:00| seen| https://t.me/cvedetector/2356 2025-04-04 06:21:26+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-7314.yaml 2025-04-04 21:02:09+00:00| seen|...

9.8CVSS7AI score0.51468EPSS
In wildExploits2References6
osv
osv
added 2024/08/02 5:16 p.m.6 views

CVE-2024-7314

anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java on the victim server. Exploitation evidence was observed by the Shadowserver Foundation on...

9.8CVSS6.1AI score0.51468EPSS
Exploits2References4
vulnrichment
vulnrichment
added 2024/08/02 4:33 p.m.21 views

CVE-2024-7314 anji-plus AJ-Report Authentication Bypass

anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java on the victim server. Exploitation evidence was observed by the Shadowserver Foundation on...

9.8CVSS7.4AI score0.51468EPSS
Exploits2References4
Rows per page
Query Builder