13 matches found
CVE-2024-43028
A command injection vulnerability in the component /jmreport/show of jeecg boot v3.0.0 to v3.5.3 allows attackers to execute arbitrary code via a crafted HTTP request...
EUVD-2024-55520
A command injection vulnerability in the component /jmreport/show of jeecg boot v3.0.0 to v3.5.3 allows attackers to execute arbitrary code via a crafted HTTP request...
PT-2026-29548
A command injection vulnerability in the component /jmreport/show of jeecg boot v3.0.0 to v3.5.3 allows attackers to execute arbitrary code via a crafted HTTP request...
JeecgBoot 安全漏洞
JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. Versions of JeecgBoot from v3.0.0 to v3.5.3 have security vulnerabilities. These vulnerabilities stem from command injection in the component jmreport/show, which could allow attackers ...
CVE-2024-43028
CVE-2024-43028 is a reported command-injection vulnerability in the Jeecg Boot platform, affecting the /jmreport/show component from v3.0.0 to v3.5.3. The issue allows an attacker to execute arbitrary code via a crafted HTTP request, with network access (no authentication) required. The CVSS v3.1...
CVE-2024-43028
A command injection vulnerability in the component /jmreport/show of jeecg boot v3.0.0 to v3.5.3 allows attackers to execute arbitrary code via a crafted HTTP request...
VulnCheck KEV: CVE-2023-34659
jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show interface...
CVE-2023-42268
Jeecg boot up to v3.5.3 was discovered to contain a SQL injection vulnerability via the component /jeecg-boot/jmreport/show...
jeecg SQL注入漏洞
Jeecg-Boot is a low-code platform based on a code generator. A SQL injection vulnerability exists in Jeecg-Boot v3.5.3 and earlier versions, which stems from a lack of validation of externally entered SQL statements in the component /jeecg-boot/jmreport/show. An attacker can exploit this...
GHSA-934G-FVCC-4833 jeecg-boot SQL injection vulnerability
jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show interface...
CVE-2023-34659
jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show interface...
Jeecg-Boot SQL注入漏洞
Jeecg-Boot is a low-code platform based on a code generator from the JeecgBoot community. A security vulnerability exists in jeecg-boot versions 3.5.0 and 3.5.1, which stems from a SQL injection vulnerability in the id parameter of the /jeecg-boot/jmreport/show interface...
PT-2023-6685 · Unknown · Jeecg-Boot
Name of the Vulnerable Software and Affected Versions: jeecg-boot versions 3.5.0 through 3.5.1 Description: The issue is related to a SQL injection vulnerability. It is associated with the lack of protection measures for the SQL query structure when processing the id parameter. This vulnerability...