CVE-2024-33155

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the getDeptList function...

J2EEFAST getDeptList function SQL injection vulnerability

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version exists SQL injection vulnerability , the vulnerability stems from the getDeptList function in the...

PT-2024-25136 · J2Eefast · J2Eefast

Name of the Vulnerable Software and Affected Versions: J2EEFAST version 2.7.0 Description: The issue is related to a SQL injection vulnerability. It occurs via the sql filter parameter in the getDeptList function. This allows for potential exploitation. Recommendations: For J2EEFAST version 2.7.0...

CVE-2024-33155

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the getDeptList function...

CVE-2024-33155

Summary: CVE-2024-33155 affects J2EEFAST v2.7.0, with a SQL injection in the getDeptList() function via the sql_filter parameter. The vulnerability is documented as high-severity (CVSSv3.1: 9.8, CRITICAL) with full impact on confidentiality, integrity, and availability. What’s affected: J2EEFAST ...