15 matches found

RedhatCVE
added 2026/01/09 10:57 a.m. · 2 views

CVE-2022-38286

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/role/list...

7.2 CVSS · 8.1 AI score · 0.00274 EPSS
Exploits: 1 · References: 1

OSV
added 2025/07/25 6:15 p.m. · 1 view

CVE-2025-8163

A vulnerability, which was classified as critical, was found in deerwms deer-wms-2 up to 3.3. This affects an unknown part of the file /system/role/list. The manipulation of the argument paramsdataScope leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been...

8.8 CVSS · 5.7 AI score · 0.00223 EPSS
Exploits: 1 · References: 4

CNNVD
added 2025/07/25 12:00 a.m. · 3 views

deer-wms-2 Injection Vulnerability

deer-wms-2 is an open source warehouse management system from deerwms in China. deer-wms-2 3.3 and earlier versions contain an injection vulnerability, which stems from improper handling of the parameter params dataScope in the file /system/role/list, leading to SQL injection...

8.8 CVSS · 6.9 AI score · 0.00223 EPSS
Exploits: 1 · References: 6

OSV
added 2024/03/22 12:15 p.m. · 1 view

CVE-2024-25168

SQL injection vulnerability in snow snow v.2.0.0 allows a remote attacker to execute arbitrary code via the dataScope parameter of the system/role/list interface...

6.3 CVSS · 6.1 AI score · 0.01655 EPSS
Exploits: 1 · References: 1

NVD
added 2024/03/22 12:15 p.m. · 9 views

CVE-2024-25168

SQL injection vulnerability in snow snow v.2.0.0 allows a remote attacker to execute arbitrary code via the dataScope parameter of the system/role/list interface...

6.3 CVSS · 8.2 AI score · 0.01655 EPSS
Exploits: 1 · References: 1

CNNVD
added 2024/03/22 12:00 a.m. · 2 views

DingFlow Security Vulnerability

DingFlow is an open source project by DingFlow committed to helping with small and medium-sized intelligent office systems. DingFlow v.2.0.0 has a security vulnerability, which stems from a SQL injection vulnerability in the dataScope parameter of the system/role/list interface...

6.3 CVSS · 7.9 AI score · 0.01655 EPSS
Exploits: 1 · References: 2

Positive Technologies
added 2024/03/22 12:00 a.m. · 3 views

PT-2024-20796 · Snow Snow · Snow Snow

Name of the Vulnerable Software and Affected Versions: snow snow version 2.0.0 Description: A SQL injection issue allows a remote attacker to execute arbitrary code via the dataScope parameter of the "system/role/list" interface. This enables the attacker to potentially access and manipulate...

6.3 CVSS · 8.3 AI score · 0.01655 EPSS
Exploits: 1 · References: 5

OSV
added 2024/01/22 6:15 p.m. · 1 view

CVE-2024-0784

A vulnerability was found in hongmaple octopus 1.0. It has been classified as critical. Affected is an unknown function of the file /system/role/list. The manipulation of the argument dataScope leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclosed to...

9.8 CVSS · 5.7 AI score · 0.00084 EPSS
Exploits: 1 · References: 3

Positive Technologies
added 2024/01/22 12:00 a.m. · 2 views

PT-2024-15817 · Unknown · Hongmaple Octopus +1

Name of the Vulnerable Software and Affected Versions: hongmaple octopus version 1.0, biantaibao octopus version 1.0. Description: A critical issue has been found, affecting an unknown function of the file /system/role/list. The manipulation of the dataScope argument leads to SQL injection. It is...

9.8 CVSS · 7 AI score · 0.00084 EPSS
Exploits: 1 · References: 7

CNNVD
added 2024/01/22 12:00 a.m. · 2 views

Octopus Deploy SQL Injection Vulnerability

Octopus Deploy is an automation tool for .NET, Java and other application development and deployment from Octopus Deploy Australia. A SQL injection vulnerability exists in Octopus Deploy version 1.0, which stems from /system/role/list containing unknown functions that cause SQL injection via the...

9.8 CVSS · 8.1 AI score · 0.00084 EPSS
Exploits: 1 · References: 4

NVD
added 2022/09/09 2:15 p.m. · 11 views

CVE-2022-38286

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/role/list...

7.2 CVSS · 0.00274 EPSS
Exploits: 1 · References: 1

ATTACKERKB
added 2022/09/09 2:15 p.m. · 2 views

CVE-2022-38286

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/role/list...

7.2 CVSS · 5.9 AI score · 0.00274 EPSS
Exploits: 1 · References: 2

Prion
added 2022/09/09 2:15 p.m. · 11 views

SQL injection

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /system/role/list...

5.8 CVSS · 7.4 AI score · 0.00274 EPSS
Exploits: 1 · References: 1 · Affected Software: 1

CVE
added 2022/09/09 1:40 p.m. · 43 views

CVE-2022-38286

CVE-2022-38286 affects JFinal CMS 5.1.0 and is exploitable via the /system/role/list endpoint, enabling SQL injection. The provided sources consistently reference this endpoint vulnerability but do not publish a confirmed fixed version in the documents. CVSSv3.1 base score is 7.2 (High) with impa...

7.2 CVSS · 7.3 AI score · 0.00274 EPSS
Exploits: 1 · References: 1 · Affected Software: 1

CNNVD
added 2022/09/09 12:00 a.m. · 2 views

JFinal SQL Injection Vulnerability

JFinal is a Java-based open source WEB + ORM framework. JFinal CMS version 5.1.0 has a security vulnerability, which stems from a SQL injection vulnerability in /system/role/list...

7.2 CVSS · 7.2 AI score · 0.00274 EPSS
Exploits: 1 · References: 2