45 matches found
CVE-2024-43028
A command injection vulnerability in the component /jmreport/show of jeecg boot v3.0.0 to v3.5.3 allows attackers to execute arbitrary code via a crafted HTTP request...
EUVD-2024-55520
A command injection vulnerability in the component /jmreport/show of jeecg boot v3.0.0 to v3.5.3 allows attackers to execute arbitrary code via a crafted HTTP request...
PT-2026-29548
A command injection vulnerability in the component /jmreport/show of jeecg boot v3.0.0 to v3.5.3 allows attackers to execute arbitrary code via a crafted HTTP request...
CVE-2024-43028
CVE-2024-43028 is a reported command-injection vulnerability in the Jeecg Boot platform, affecting the /jmreport/show component from v3.0.0 to v3.5.3. The issue allows an attacker to execute arbitrary code via a crafted HTTP request, with network access (no authentication) required. The CVSS v3.1...
JeecgBoot 安全漏洞
JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. Versions of JeecgBoot from v3.0.0 to v3.5.3 have security vulnerabilities. These vulnerabilities stem from command injection in the component jmreport/show, which could allow attackers ...
CVE-2024-43028
A command injection vulnerability in the component /jmreport/show of jeecg boot v3.0.0 to v3.5.3 allows attackers to execute arbitrary code via a crafted HTTP request...
CVE-2023-1454
A vulnerability classified as critical has been found in jeecg-boot 3.5.0. This affects an unknown part of the file jmreport/qurestSql. The manipulation of the argument apiSelectId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...
SQL Injection
jeecg-boot is vulnerable to SQL Injection. The vulnerability is caused due to improper input validation in the jmreport/qurestSql component. This could allow an attacker to inject malicious input leading to SQL Injection...
CVE-2023-41544
SSTI injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to execute arbitrary code via crafted HTTP request to the /jmreport/loadTableData component...
GHSA-5V9R-788C-WC8P Jeecg Boot SQL injection vulnerability
SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component...
Jeecg Boot SQL injection vulnerability
SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component...
CVE-2023-41542
SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component...
CVE-2023-41542
SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component...
CVE-2023-41542
SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component...
Sql injection
SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component...
CVE-2023-41542
SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component...
CVE-2023-41542
SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component...
jeecg security breach
jeecg is a software application. An intelligent development platform based on a code generator. A security vulnerability exists in jeecg-boot 3.5.3 and earlier versions, which stems from a SQL injection vulnerability in the jmreport/qurestSql component...
VulnCheck KEV: CVE-2023-34659
jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show interface...
CVE-2023-42268
Jeecg boot up to v3.5.3 was discovered to contain a SQL injection vulnerability via the component /jeecg-boot/jmreport/show...