23 matches found
CVE-2025-13251
A flaw has been found in WeiYe-Jing datax-web up to 2.1.2. Affected is an unknown function. Executing manipulation can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2025-13250
A vulnerability was detected in WeiYe-Jing datax-web up to 2.1.2. This impacts the function remove/update/pause/start/triggerJob of the component Job Handler. Performing manipulation results in improper access controls. The attack may be initiated remotely. The exploit is now public and may be us...
EUVD-2025-197731
A flaw has been found in WeiYe-Jing datax-web up to 2.1.2. Affected is an unknown function. Executing manipulation can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2025-13251
A flaw has been found in WeiYe-Jing datax-web up to 2.1.2. Affected is an unknown function. Executing manipulation can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2025-13251
A flaw has been found in WeiYe-Jing datax-web up to 2.1.2. Affected is an unknown function. Executing manipulation can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2025-13251 WeiYe-Jing datax-web sql injection
A flaw has been found in WeiYe-Jing datax-web up to 2.1.2. Affected is an unknown function. Executing manipulation can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2025-13251
The CVE-2025-13251 entry concerns WeiYe-Jing datax-web up to 2.1.2, where an unknown function can be manipulated to cause SQL injection. Multiple sources (NVD, Red Hat RH:CVE-2025-13251, CNNVD-202511-1817, EUVD-2025-197731, osv) describe remote exploitation with published exploits. Impact is desc...
EUVD-2025-197730
A vulnerability was detected in WeiYe-Jing datax-web up to 2.1.2. This impacts the function remove/update/pause/start/triggerJob of the component Job Handler. Performing manipulation results in improper access controls. The attack may be initiated remotely. The exploit is now public and may be us...
CVE-2025-13250
The CVE-2025-13250 vulnerability affects WeiYe-Jing datax-web (up to 2.1.2), specifically the Job Handler’s remove, update, pause, start, and triggerJob functions. The described flaw causes improper access controls and can be exploited remotely; multiple sources confirm public exploitation vector...
CVE-2025-13250 WeiYe-Jing datax-web Job triggerJob access control
A vulnerability was detected in WeiYe-Jing datax-web up to 2.1.2. This impacts the function remove/update/pause/start/triggerJob of the component Job Handler. Performing manipulation results in improper access controls. The attack may be initiated remotely. The exploit is now public and may be us...
PT-2025-47087
Name of the Vulnerable Software and Affected Versions WeiYe-Jing datax-web versions up to 2.1.2 Description A flaw exists in WeiYe-Jing datax-web that can lead to SQL injection. The issue is present in an unknown function and may be exploited remotely by executing manipulation. The exploit has be...
EUVD-2024-50803
Malicious code in bioql PyPI...
CVE-2024-12358
A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This affects an unknown part of the file /api/job/add/. The manipulation of the argument glueSource leads to os command injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2024-12358
A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This affects an unknown part of the file /api/job/add/. The manipulation of the argument glueSource leads to os command injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2024-12358
A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This affects an unknown part of the file /api/job/add/. The manipulation of the argument glueSource leads to os command injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2024-12358
WeiYe-Jing datax-web 2.1.1 is affected by an OS command injection in the glueSource parameter of /api/job/add/. The vulnerability, described as critical, can be triggered remotely and has been disclosed publicly. Affected component is the /api/job/add/ processing logic; root cause is input manipu...
CVE-2024-12358 WeiYe-Jing datax-web add os command injection
A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This affects an unknown part of the file /api/job/add/. The manipulation of the argument glueSource leads to os command injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2024-12358 WeiYe-Jing datax-web add os command injection
A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This affects an unknown part of the file /api/job/add/. The manipulation of the argument glueSource leads to os command injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2023-7116
A vulnerability, which was classified as critical, has been found in WeiYe-Jing datax-web 2.1.2. Affected by this issue is some unknown functionality of the file /api/log/killJob of the component HTTP POST Request Handler. The manipulation of the argument processId leads to os command injection...
Command injection
A vulnerability, which was classified as critical, has been found in WeiYe-Jing datax-web 2.1.2. Affected by this issue is some unknown functionality of the file /api/log/killJob of the component HTTP POST Request Handler. The manipulation of the argument processId leads to os command injection...