Lucene search
+L

30 matches found

cnvd
cnvd
added 2024/05/10 12:0 a.m.16 views

J2EEFAST findApplyedTasksPage function SQL injection vulnerability

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2eeFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from BpmTaskMapper.xml...

8.8CVSS8.1AI score0.00536EPSS
Exploits0References1
nvd
nvd
added 2024/05/07 5:15 p.m.21 views

CVE-2024-33164

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the authUserList function...

9.8CVSS7.8AI score0.00569EPSS
Exploits0References1
nvd
nvd
added 2024/05/07 5:15 p.m.18 views

CVE-2024-33161

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the unallocatedList function...

5.3CVSS7.8AI score0.00244EPSS
Exploits0References1
cve
cve
added 2024/05/07 12:0 a.m.60 views

CVE-2024-33161

CVE-2024-33161 affects J2EEFAST v2.7.0, with a SQL injection vulnerability exposed through the sql_filter parameter in the unallocatedList() function. The issue enables potential unauthorized SQL execution and data exposure, as indicated by the CVE description and Red Hat/CNVD entries. The CVSS 3...

5.3CVSS8.2AI score0.00244EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2024/05/07 12:0 a.m.13 views

CVE-2024-33161

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the unallocatedList function...

8.3AI score0.00244EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/05/07 12:0 a.m.15 views

CVE-2024-33149

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the myProcessList function...

8.3AI score0.00483EPSS
Exploits0References1
cvelist
cvelist
added 2024/05/07 12:0 a.m.28 views

CVE-2024-33155

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the getDeptList function...

8.1AI score0.00557EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/05/07 12:0 a.m.11 views

CVE-2024-33144

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the findApplyedTasksPage function in BpmTaskMapper.xml...

8.3AI score0.00536EPSS
Exploits0References1
nvd
nvd
added 2021/08/12 10:15 p.m.14 views

CVE-2021-28890

J2eeFAST 2.2.1 allows remote attackers to perform SQL injection via the 1 compId parameter to fast/sys/user/list, 2 deptId parameter to fast/sys/role/list, or 3 roleId parameter to fast/sys/role/authUser/list, related to the use of $ to join SQL statements...

9.8CVSS0.0134EPSS
Exploits1References1
cvelist
cvelist
added 2021/08/12 9:57 p.m.19 views

CVE-2021-28890

J2eeFAST 2.2.1 allows remote attackers to perform SQL injection via the 1 compId parameter to fast/sys/user/list, 2 deptId parameter to fast/sys/role/list, or 3 roleId parameter to fast/sys/role/authUser/list, related to the use of $ to join SQL statements...

10AI score0.0134EPSS
Exploits1References1
Rows per page
Query Builder