CVE-2024-33153

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the commentList function...

CVE-2024-33144

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the findApplyedTasksPage function in BpmTaskMapper.xml...

CVE-2024-33146

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the export function...

CVE-2024-33149

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the myProcessList function...

CVE-2024-33164

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the authUserList function...

CVE-2021-28890

J2eeFAST 2.2.1 allows remote attackers to perform SQL injection via the 1 compId parameter to fast/sys/user/list, 2 deptId parameter to fast/sys/role/list, or 3 roleId parameter to fast/sys/role/authUser/list, related to the use of $ to join SQL statements...

CVE-2024-35083

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysLoginInfoMapper.xml...

CVE-2024-35090

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysUreportFileMapper.xml...

J2EEFAST SysTenantMapper.xml file SQL injection vulnerability

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the SysTenantMapper.xml findPage...

CVE-2024-35090

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysUreportFileMapper.xml...

CVE-2024-35083

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysLoginInfoMapper.xml...

J2EEFAST authUserList Function SQL Injection Vulnerability

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version exists SQL injection vulnerability , the vulnerability stems from the authUserList function in the...

J2EEFAST myProcessList function SQL injection vulnerability

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the myProcessList function of the...

CVE-2024-33155

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the getDeptList function...

CVE-2024-33161

CVE-2024-33161 affects J2EEFAST v2.7.0, with a SQL injection vulnerability exposed through the sql_filter parameter in the unallocatedList() function. The issue enables potential unauthorized SQL execution and data exposure, as indicated by the CVE description and Red Hat/CNVD entries. The CVSS 3...