CVE-2026-5848

A vulnerability was found in jeecgboot JimuReport up to 2.3.0. The affected element is the function DriverManager.getConnection of the file /drag/onlDragDataSource/testConnection of the component Data Source Handler. Performing a manipulation of the argument dbUrl results in code injection. The...

EUVD-2026-20858

A vulnerability was found in jeecgboot JimuReport up to 2.3.0. The affected element is the function DriverManager.getConnection of the file /drag/onlDragDataSource/testConnection of the component Data Source Handler. Performing a manipulation of the argument dbUrl results in code injection. The...

CVE-2026-5848

A vulnerability was found in jeecgboot JimuReport up to 2.3.0. The affected element is the function DriverManager.getConnection of the file /drag/onlDragDataSource/testConnection of the component Data Source Handler. Performing a manipulation of the argument dbUrl results in code injection. The...

JimuReport 代码注入漏洞

JimuReport is a free reporting tool developed by JEECG in China. Versions of JimuReport 2.3.0 and earlier had a code injection vulnerability. This vulnerability stemmed from incorrect handling of the parameter dbUrl in the DriverManager.getConnection function within the Data Source Handler...

PT-2026-31587

Name of the Vulnerable Software and Affected Versions jeecgboot JimuReport versions up to 2.3.0 Description A code injection issue exists in the Data Source Handler component of jeecgboot JimuReport, specifically within the DriverManager.getConnection function located in the...

CVE-2025-8743

A vulnerability classified as problematic has been found in Scada-LTS up to 2.7.8.1. This affects an unknown part of the file /datasourceedit.shtm of the component Virtual Data Source Property Handler. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate...

CVE-2025-8743

A vulnerability classified as problematic has been found in Scada-LTS up to 2.7.8.1. This affects an unknown part of the file /datasourceedit.shtm of the component Virtual Data Source Property Handler. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate...

The vulnerability of the MySQL Data Source Handler component of the Apache Linkis application connection, management, and orchestration software allows a attacker to execute arbitrary code.

The vulnerability of the MySQL Data Source Handler component of the Apache Linkis connection management and orchestration software lies in defects in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by introducing specially crafted...

PT-2024-5100 · Apache · Apache Linkis

Name of the Vulnerable Software and Affected Versions: Apache Linkis versions = 1.8.0 241. For Apache Linkis versions = 1.5.0, upgrade Linkis to version 1.6.0...