33 matches found
EUVD-2024-35188
Malicious code in bioql PyPI...
EUVD-2024-35186
Malicious code in bioql PyPI...
EUVD-2024-35187
Malicious code in bioql PyPI...
CVE-2024-33139
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the findpage function...
CVE-2024-35090
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysUreportFileMapper.xml...
CVE-2024-35086
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in BpmTaskFromMapper.xml...
CVE-2024-35090
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysUreportFileMapper.xml...
CVE-2024-35091
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysTenantMapper.xml...
CVE-2024-35084
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysMsgPushMapper.xml...
CVE-2024-35086
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in BpmTaskFromMapper.xml...
CVE-2024-35085
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in ProcessDefinitionMapper.xml...
CVE-2024-35086
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in BpmTaskFromMapper.xml...
CVE-2024-35091
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysTenantMapper.xml...
CVE-2024-35091
CVE-2024-35091 affects J2EEFAST v2.7.0 via SysTenantMapper.xml findPage, where missing input-validation enables SQL injection. Root cause: lack of external-input SQL validation in the findPage function. Impact: potential exposure of sensitive database data; CVSS v3.1 base score 9.8 (NETWORK, HIGH...
CVE-2024-35086
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in BpmTaskFromMapper.xml...
CVE-2024-35086
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in BpmTaskFromMapper.xml...
CVE-2024-35082
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysOperLogMapper.xml...
CVE-2024-35084
CVE-2024-35084 affects J2EEFAST v2.7.0. The vulnerability is a SQL injection in SysMsgPushMapper.xml’s findPage function caused by lack of validation for external input SQL statements. Reported impact indicates high confidentiality, integrity, and availability risk (base score 9.8, CVSS3.1: AV:N/...
CVE-2024-35084
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysMsgPushMapper.xml...
CVE-2024-35090
Affected software: J2EEFAST v2.7.0. Vulnerability: SQL injection via the SysUreportFileMapper.xml findPage function. Root cause: lack of validation of external input SQL statements. Impact (as stated): Attacker could execute arbitrary SQL to steal sensitive database data. References in docs: Mult...