Lucene search
K

177 matches found

CVE
CVE
added 2024/05/23 5:4 p.m.535 views

CVE-2024-35091

CVE-2024-35091 affects J2EEFAST v2.7.0 via SysTenantMapper.xml findPage, where missing input-validation enables SQL injection. Root cause: lack of external-input SQL validation in the findPage function. Impact: potential exposure of sensitive database data; CVSS v3.1 base score 9.8 (NETWORK, HIGH...

9.8CVSS8.2AI score0.00421EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/23 5:4 p.m.15 views

CVE-2024-35091

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysTenantMapper.xml...

9.8AI score0.00421EPSS
Exploits0References2
CVE
CVE
added 2024/05/23 5:0 p.m.85 views

CVE-2024-35086

CVE-2024-35086 affects J2EEFAST v2.7.0. The vulnerability is a SQL injection in the findPage function within BpmTaskFromMapper.xml due to lack of external input SQL statement validation. Impactful according to the CVE: high confidentiality, integrity, and availability risks with network attack ve...

9.8CVSS8.2AI score0.00534EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2024/05/23 5:0 p.m.16 views

CVE-2024-35086

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in BpmTaskFromMapper.xml...

7.8AI score0.00534EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/05/23 5:0 p.m.16 views

CVE-2024-35086

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in BpmTaskFromMapper.xml...

8.2AI score0.00534EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/05/23 4:58 p.m.12 views

CVE-2024-35082

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysOperLogMapper.xml...

8.3AI score0.00254EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/23 4:58 p.m.17 views

CVE-2024-35082

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysOperLogMapper.xml...

7.8AI score0.00254EPSS
Exploits0References2
CVE
CVE
added 2024/05/23 4:58 p.m.3715 views

CVE-2024-35082

CVE-2024-35082 concerns J2EEFAST v2.7.0, where a SQL injection flaw exists in the SysOperLogMapper.xml file’s findPage function. The root cause per CNVD/Red Hat style descriptions is lack of input SQL statement validation for that function, enabling potential manipulation of database queries. Rep...

6.3CVSS8.2AI score0.00254EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/05/23 4:57 p.m.88 views

CVE-2024-35084

CVE-2024-35084 affects J2EEFAST v2.7.0. The vulnerability is a SQL injection in SysMsgPushMapper.xml’s findPage function caused by lack of validation for external input SQL statements. Reported impact indicates high confidentiality, integrity, and availability risk (base score 9.8, CVSS3.1: AV:N/...

9.8CVSS8.2AI score0.00421EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/23 4:57 p.m.12 views

CVE-2024-35084

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysMsgPushMapper.xml...

8.3AI score0.00421EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/23 4:57 p.m.22 views

CVE-2024-35084

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysMsgPushMapper.xml...

7.8AI score0.00421EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/23 4:53 p.m.19 views

CVE-2024-35085

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in ProcessDefinitionMapper.xml...

7.8AI score0.00245EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/23 4:53 p.m.15 views

CVE-2024-35085

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in ProcessDefinitionMapper.xml...

5.8AI score0.00245EPSS
Exploits0References2
CVE
CVE
added 2024/05/23 4:53 p.m.712 views

CVE-2024-35085

CVE-2024-35085 affects J2EEFAST v2.7.0; a SQL injection exists in the findPage function of ProcessDefinitionMapper.xml due to insufficient input validation. Exploitation could allow an attacker to execute arbitrary SQL to access data, per multiple sources (CNVD/CNNVD, Red Hat, NVD). There is no c...

5.4CVSS8.2AI score0.00245EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/05/23 4:52 p.m.20 views

CVE-2024-35090

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysUreportFileMapper.xml...

7.8AI score0.00321EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/23 4:52 p.m.18 views

CVE-2024-35090

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysUreportFileMapper.xml...

8.3AI score0.00321EPSS
Exploits0References2
CVE
CVE
added 2024/05/23 4:52 p.m.373 views

CVE-2024-35090

Affected software: J2EEFAST v2.7.0. Vulnerability: SQL injection via the SysUreportFileMapper.xml findPage function. Root cause: lack of validation of external input SQL statements. Impact (as stated): Attacker could execute arbitrary SQL to steal sensitive database data. References in docs: Mult...

8.2CVSS8.2AI score0.00321EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/05/23 4:46 p.m.18 views

CVE-2024-35083

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysLoginInfoMapper.xml...

7.8AI score0.00405EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/23 4:46 p.m.15 views

CVE-2024-35083

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysLoginInfoMapper.xml...

8.3AI score0.00405EPSS
Exploits0References2
CVE
CVE
added 2024/05/23 4:46 p.m.3631 views

CVE-2024-35083

CVE-2024-35083 affects J2EEFAST v2.7.0 with a SQL injection vulnerability in SysLoginInfoMapper.xml findPage function. Root cause stated as lack of validation of external input SQL statements, enabling an attacker to execute arbitrary SQL and potentially steal data. The CVSS v3.1 score is 8.8 ( H...

8.8CVSS8.2AI score0.00405EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder