CVE-2025-15088

A vulnerability was detected in ketr JEPaaS up to 7.2.8. Affected by this vulnerability is the function postilService.loadPostils of the file /je/postil/postil/loadPostil. Performing a manipulation of the argument keyWord results in sql injection. Remote exploitation of the attack is possible. Th...

EUVD-2025-205396

A vulnerability was detected in ketr JEPaaS up to 7.2.8. Affected by this vulnerability is the function postilService.loadPostils of the file /je/postil/postil/loadPostil. Performing manipulation of the argument keyWord results in sql injection. Remote exploitation of the attack is possible. The...

CVE-2025-15088

A vulnerability was detected in ketr JEPaaS up to 7.2.8. Affected by this vulnerability is the function postilService.loadPostils of the file /je/postil/postil/loadPostil. Performing a manipulation of the argument keyWord results in sql injection. Remote exploitation of the attack is possible. Th...

CVE-2025-15088

The CVE-2025-15088 entry concerns ketr JEPaaS up to version 7.2.8. Affected component: function postilService.loadPostils in /je/postil/postil/loadPostil. Root cause: improper handling/manipulation of the keyWord argument enables SQL injection. Impact: remote exploitation is possible; exploitatio...

ketr JEPaaS SQL注入漏洞

ketr JEPaaS is a low-code rapid development platform open-sourced by China's ketr ketr. A SQL injection vulnerability exists in ketr JEPaaS 7.2.8 and earlier versions, which stems from incorrect manipulation of the parameter keyWord of the function postilService.loadPostils in the file...

PT-2025-53415

Name of the Vulnerable Software and Affected Versions ketr JEPaaS versions up to 7.2.8 Description A SQL injection issue exists in ketr JEPaaS. The postilService.loadPostils function, located in the file /je/postil/postil/loadPostil, is susceptible to exploitation. Manipulation of the keyWord...

CVE-2025-14694

A vulnerability was found in ketr JEPaaS up to 7.2.8. This impacts the function readAllPostil of the file /je/postil/postil/readAllPostil. Performing a manipulation of the argument keyWord results in sql injection. The attack can be initiated remotely. The exploit has been made public and could b...

CVE-2025-14694 ketr JEPaaS readAllPostil sql injection

A vulnerability was found in ketr JEPaaS up to 7.2.8. This impacts the function readAllPostil of the file /je/postil/postil/readAllPostil. Performing a manipulation of the argument keyWord results in sql injection. The attack can be initiated remotely. The exploit has been made public and could b...

CVE-2025-14694

A vulnerability was found in ketr JEPaaS up to 7.2.8. This impacts the function readAllPostil of the file /je/postil/postil/readAllPostil. Performing a manipulation of the argument keyWord results in sql injection. The attack can be initiated remotely. The exploit has been made public and could b...

CVE-2025-14694

CVE-2025-14694 affects ketr JEPaaS up to version 7.2.8. The vulnerability is in the readAllPostil function (/je/postil/postil/readAllPostil) where manipulating the keyWord parameter leads to SQL injection. Attack can be initiated remotely over the network; CVSS metrics indicate HIGH privileges ar...

CVE-2025-14694 ketr JEPaaS readAllPostil sql injection

A vulnerability was found in ketr JEPaaS up to 7.2.8. This impacts the function readAllPostil of the file /je/postil/postil/readAllPostil. Performing a manipulation of the argument keyWord results in sql injection. The attack can be initiated remotely. The exploit has been made public and could b...

PT-2025-51182

A vulnerability was found in ketr JEPaaS up to 7.2.8. This impacts the function readAllPostil of the file /je/postil/postil/readAllPostil. Performing manipulation of the argument keyWord results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be...

CVE-2025-14088

A vulnerability was determined in ketr JEPaaS up to 7.2.8. Affected by this vulnerability is an unknown functionality of the file /je/load. This manipulation of the argument Authorization causes improper authorization. The attack is possible to be carried out remotely. The exploit has been public...

CVE-2025-14088

A vulnerability was determined in ketr JEPaaS up to 7.2.8. Affected by this vulnerability is an unknown functionality of the file /je/load. This manipulation of the argument Authorization causes improper authorization. The attack is possible to be carried out remotely. The exploit has been public...

EUVD-2025-201415

A vulnerability was determined in ketr JEPaaS up to 7.2.8. Affected by this vulnerability is an unknown functionality of the file /je/load. This manipulation of the argument Authorization causes improper authorization. The attack is possible to be carried out remotely. The exploit has been public...

CVE-2025-14088

CVE-2025-14088 affects ketr JEPaaS up to version 7.2.8. The vulnerability targets an unknown functionality at the file path /je/load, where manipulation of the Authorization argument leads to improper authorization. It is exploitable remotely and has publicly disclosed exploit material. Multiple ...

CVE-2025-14088 ketr JEPaaS load improper authorization

A vulnerability was determined in ketr JEPaaS up to 7.2.8. Affected by this vulnerability is an unknown functionality of the file /je/load. This manipulation of the argument Authorization causes improper authorization. The attack is possible to be carried out remotely. The exploit has been public...

CVE-2025-14088 ketr JEPaaS load improper authorization

A vulnerability was determined in ketr JEPaaS up to 7.2.8. Affected by this vulnerability is an unknown functionality of the file /je/load. This manipulation of the argument Authorization causes improper authorization. The attack is possible to be carried out remotely. The exploit has been public...