deer-wms-2 SQL注入漏洞

deer-wms-2 is an open source warehouse management system from China's deerwms. A security vulnerability exists in deer-wms-2 3.3 and earlier versions, which originates from SQL injection due to incorrect manipulation of paramsdataScope in the file /system/role/authUser/unallocatedList...

CVE-2025-8124 deerwms deer-wms-2 unallocatedList sql injection

A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /system/role/authUser/unallocatedList. The manipulation of the argument paramsdataScope leads to sql injection. The attack can be...

CVE-2024-33161

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the unallocatedList function...

J2EEFAST unallocatedList function SQL injection vulnerability

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the unallocatedList function of the...

CVE-2024-33161

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the unallocatedList function...

CVE-2024-33161

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the unallocatedList function...

CVE-2024-33161

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the unallocatedList function...

CVE-2024-33161

CVE-2024-33161 affects J2EEFAST v2.7.0, with a SQL injection vulnerability exposed through the sql_filter parameter in the unallocatedList() function. The issue enables potential unauthorized SQL execution and data exposure, as indicated by the CVE description and Red Hat/CNVD entries. The CVSS 3...

J2EEFAST 安全漏洞

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the unallocatedList function of the...

CVE-2024-33161

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the unallocatedList function...

PT-2024-25138 · J2Eefast · J2Eefast

Name of the Vulnerable Software and Affected Versions: J2EEFAST version 2.7.0 Description: The issue is related to a SQL injection vulnerability. It occurs via the sql filter parameter in the unallocatedList function. This allows for potential exploitation. Recommendations: For J2EEFAST version...