CVE-2023-1454

A vulnerability classified as critical has been found in jeecg-boot 3.5.0. This affects an unknown part of the file jmreport/qurestSql. The manipulation of the argument apiSelectId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...

SQL Injection

jeecg-boot is vulnerable to SQL Injection. The vulnerability is caused due to improper input validation in the jmreport/qurestSql component. This could allow an attacker to inject malicious input leading to SQL Injection...

GHSA-5V9R-788C-WC8P Jeecg Boot SQL injection vulnerability

SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component...

Jeecg Boot SQL injection vulnerability

SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component...

CVE-2023-41542

SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component...

CVE-2023-41542

SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component...

Sql injection

SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component...

CVE-2023-41542

SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component...

CVE-2023-41542

SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component...

jeecg-boot SQL Injection vulnerability

A vulnerability classified as critical has been found in jeecg-boot 3.5.0. This affects an unknown part of the file jmreport/qurestSql. The manipulation of the argument apiSelectId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...

CVE-2023-1454

A vulnerability classified as critical has been found in jeecg-boot 3.5.0. This affects an unknown part of the file jmreport/qurestSql. The manipulation of the argument apiSelectId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...

jeecg SQL注入漏洞

jeecg is a software application. An intelligent development platform based on a code generator. A SQL injection vulnerability exists in jeecg-boot version 3.5.0, which stems from a security issue in the file jmreport/qurestSql, which leads to SQL injection via the parameter apiSelectId...

PT-2023-16995

Name of the Vulnerable Software and Affected Versions jeecg-boot version 3.5.0 Description A critical vulnerability has been found in jeecg-boot, affecting an unknown part of the file jmreport/qurestSql. The manipulation of the apiSelectId argument leads to sql injection. It is possible to initia...