6 matches found
CVE-2024-24001
jshERP v3.3 is vulnerable to SQL Injection. via the com.jsh.erp.controller.DepotHeadController: com.jsh.erp.utils.BaseResponseInfo findallocationDetail function of jshERP which allows an attacker to construct malicious payload to bypass jshERP's protection mechanism...
CVE-2024-24001
jshERP v3.3 is vulnerable to SQL Injection. via the com.jsh.erp.controller.DepotHeadController: com.jsh.erp.utils.BaseResponseInfo findallocationDetail function of jshERP which allows an attacker to construct malicious payload to bypass jshERP's protection mechanism...
Sql injection
jshERP v3.3 is vulnerable to SQL Injection. via the com.jsh.erp.controller.DepotHeadController: com.jsh.erp.utils.BaseResponseInfo findallocationDetail function of jshERP which allows an attacker to construct malicious payload to bypass jshERP's protection mechanism...
CVE-2024-24001
jshERP v3.3 is vulnerable to SQL Injection. via the com.jsh.erp.controller.DepotHeadController: com.jsh.erp.utils.BaseResponseInfo findallocationDetail function of jshERP which allows an attacker to construct malicious payload to bypass jshERP's protection mechanism...
CVE-2024-24001
CVE-2024-24001 affects jshERP v3.3 and is a SQL Injection in the internal API path com.jsh.erp.controller.DepotHeadController.findallocationDetail() via com.jsh.erp.utils.BaseResponseInfo. The vulnerability allows an attacker to craft a malicious payload to bypass protection mechanisms. Impact in...
PT-2024-20227 · Jsherp · Jsherp
Name of the Vulnerable Software and Affected Versions: jshERP version 3.3 Description: The issue allows an attacker to construct a malicious payload to bypass the protection mechanism of jshERP via the com.jsh.erp.controller.DepotHeadController and the findallocationDetail function of...