6 matches found
CVE-2026-1746
A vulnerability was identified in JeecgBoot 3.9.0. This vulnerability affects unknown code of the file /JeecgBoot/sys/api/loadDictItemByKeyword of the component Online Report API. Such manipulation of the argument keyword leads to sql injection. The attack can be executed remotely. The exploit is...
CVE-2026-1746 JeecgBoot Online Report API loadDictItemByKeyword sql injection
A vulnerability was identified in JeecgBoot 3.9.0. This vulnerability affects unknown code of the file /JeecgBoot/sys/api/loadDictItemByKeyword of the component Online Report API. Such manipulation of the argument keyword leads to sql injection. The attack can be executed remotely. The exploit is...
CVE-2026-1746
A vulnerability was identified in JeecgBoot 3.9.0. This vulnerability affects unknown code of the file /JeecgBoot/sys/api/loadDictItemByKeyword of the component Online Report API. Such manipulation of the argument keyword leads to sql injection. The attack can be executed remotely. The exploit is...
CVE-2026-1746
Summary (CVE-2026-1746) : JeecgBoot 3.9.0 is affected by an SQL injection in the Online Report API, caused by manipulation of the keyword argument in /JeecgBoot/sys/api/loadDictItemByKeyword. The issue enables remote execution and is supported by multiple sources (NVD, Red Hat, CVE list, Attacker...
JeecgBoot SQL注入漏洞
JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. Version 3.9.0 of JeecgBoot contains a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter “keyword” in the file...
PT-2026-5614
A vulnerability was identified in JeecgBoot 3.9.0. This vulnerability affects unknown code of the file /JeecgBoot/sys/api/loadDictItemByKeyword of the component Online Report API. Such manipulation of the argument keyword leads to sql injection. The attack can be executed remotely. The exploit is...