51 matches found
CVE-2024-6679
A vulnerability classified as critical has been found in witmy my-springsecurity-plus up to 2024-07-04. Affected is an unknown function of the file /api/role. The manipulation of the argument params.dataScope leads to sql injection. It is possible to launch the attack remotely. The exploit has be...
CVE-2024-6679 witmy my-springsecurity-plus role sql injection
A vulnerability classified as critical has been found in witmy my-springsecurity-plus up to 2024-07-04. Affected is an unknown function of the file /api/role. The manipulation of the argument params.dataScope leads to sql injection. It is possible to launch the attack remotely. The exploit has be...
CVE-2024-6679
CVE-2024-6679 affects witmy my-springsecurity-plus (up to 2024-07-04). The flaw exists in the /api/role endpoint where manipulating the argument params.dataScope enables SQL injection. It can be exploited remotely and the vulnerability has been publicly disclosed. Multiple sources (NVD, CVE List,...
CVE-2024-6679 witmy my-springsecurity-plus role sql injection
A vulnerability classified as critical has been found in witmy my-springsecurity-plus up to 2024-07-04. Affected is an unknown function of the file /api/role. The manipulation of the argument params.dataScope leads to sql injection. It is possible to launch the attack remotely. The exploit has be...
CVE-2024-6676
A vulnerability has been found in witmy my-springsecurity-plus up to 2024-07-03 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /api/user. The manipulation of the argument params.dataScope leads to sql injection. The attack can be launched...
CVE-2024-6676 witmy my-springsecurity-plus user sql injection
A vulnerability has been found in witmy my-springsecurity-plus up to 2024-07-03 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /api/user. The manipulation of the argument params.dataScope leads to sql injection. The attack can be launched...
CVE-2024-6676 witmy my-springsecurity-plus user sql injection
A vulnerability has been found in witmy my-springsecurity-plus up to 2024-07-03 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /api/user. The manipulation of the argument params.dataScope leads to sql injection. The attack can be launched...
CVE-2024-6676
witmy my-springsecurity-plus is affected by a SQL injection in /api/user triggered by manipulating the params.dataScope argument. The vulnerability has remote potential and has been disclosed publicly. Multiple sources (including CVE-2024-6676 records and PT-2024-37793) confirm a critical issue w...
my-springsecurity-plus SQL Injection Vulnerability
my-springsecurity-plus is an RBAC backend privilege management system based on SpringBoot and SpringSecurity by codermy individual developer. A SQL injection vulnerability exists in my-springsecurity-plus prior to version 2024.07.03, which stems from an unknown function in the file /api/dept/buil...
my-springsecurity-plus Security Vulnerabilities
my-springsecurity-plus is an RBAC backend privilege management system based on SpringBoot and SpringSecurity by codermy personal developer. A security vulnerability exists in my-springsecurity-plus prior to version 2024.07.03, which stems from an SQL injection due to manipulation of...
my-springsecurity-plus SQL Injection Vulnerability
my-springsecurity-plus is an RBAC backend privilege management system based on SpringBoot and SpringSecurity by codermy individual developer. A SQL injection vulnerability exists in my-springsecurity-plus prior to version 2024.07.03, which stems from an unknown function in file/api/role, where...