CVE-2026-10202 OFCMS JSON Query SystemDictController.java query sql injection

A vulnerability was identified in OFCMS 1.1.3. This issue affects the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemDictController.java of the component JSON Query Interface. The manipulation leads to sql injection. The attack can be initiated...

CVE-2026-8114 JeecgBoot JSON Object loadTreeData sql injection

A vulnerability was identified in JeecgBoot up to 3.9.1. Affected by this issue is some unknown functionality of the file /sys/dict/loadTreeData of the component JSON Object Handler. The manipulation of the argument condition leads to sql injection. The attack can be initiated remotely. The explo...

JeecgBoot 注入漏洞

JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. JeecgBoot versions 3.9.1 and earlier have a vulnerability related to injection attacks. This vulnerability stems from the parameter condition handled by the JSON object processor in the...

EUVD-2023-28757

Malicious code in bioql PyPI...