Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:6 p.m.4 views

CVE-2026-4594

A vulnerability has been found in erupts erupt up to 1.13.3. Affected by this issue is the function geneEruptHqlOrderBy of the file erupt-data/erupt-jpa/src/main/java/xyz/erupt/jpa/dao/EruptJpaUtils.java. Such manipulation of the argument sort.field leads to sql injection hibernate. It is possibl...

7.5CVSS6.7AI score0.00254EPSS
Exploits0References1
NVD
NVD
added 2026/03/23 6:16 p.m.4 views

CVE-2026-4594

A vulnerability has been found in erupts erupt up to 1.13.3. Affected by this issue is the function geneEruptHqlOrderBy of the file erupt-data/erupt-jpa/src/main/java/xyz/erupt/jpa/dao/EruptJpaUtils.java. Such manipulation of the argument sort.field leads to sql injection hibernate. It is possibl...

7.5CVSS0.00254EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/23 5:41 p.m.28 views

CVE-2026-4594 erupts erupt EruptJpaUtils.java geneEruptHqlOrderBy sql injection

A vulnerability has been found in erupts erupt up to 1.13.3. Affected by this issue is the function geneEruptHqlOrderBy of the file erupt-data/erupt-jpa/src/main/java/xyz/erupt/jpa/dao/EruptJpaUtils.java. Such manipulation of the argument sort.field leads to sql injection hibernate. It is possibl...

7.5CVSS0.00254EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/23 5:41 p.m.4 views

CVE-2026-4594

A vulnerability has been found in erupts erupt up to 1.13.3. Affected by this issue is the function geneEruptHqlOrderBy of the file erupt-data/erupt-jpa/src/main/java/xyz/erupt/jpa/dao/EruptJpaUtils.java. Such manipulation of the argument sort.field leads to sql injection hibernate. It is possibl...

7.5CVSS6.7AI score0.00254EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/03/23 5:41 p.m.9 views

CVE-2026-4594

The vulnerability CVE-2026-4594 affects the product family erupt (up to version 1.13.3). The issue is in the component erupt-data/erupt-jpa/src/main/java/xyz/erupt/jpa/dao/EruptJpaUtils.java, specifically the function geneEruptHqlOrderBy, where manipulation of the sort.field argument leads to a S...

7.5CVSS6.7AI score0.00254EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.9 views

ERUPT 安全漏洞

ERUPT is a low-code + AI-based framework developed by YuePeng, a personal developer in China. Versions of ERUPT prior to 1.13.3 contain security vulnerabilities. These vulnerabilities stem from incorrect handling of the sort.field parameter in the...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References4
Rows per page
Query Builder