Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2025/11/17 1:14 p.m.7 views

CVE-2025-13250

A vulnerability was detected in WeiYe-Jing datax-web up to 2.1.2. This impacts the function remove/update/pause/start/triggerJob of the component Job Handler. Performing manipulation results in improper access controls. The attack may be initiated remotely. The exploit is now public and may be us...

8.8CVSS6.3AI score0.00338EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/11/16 12:0 a.m.8 views

PT-2025-47087

Name of the Vulnerable Software and Affected Versions WeiYe-Jing datax-web versions up to 2.1.2 Description A flaw exists in WeiYe-Jing datax-web that can lead to SQL injection. The issue is present in an unknown function and may be exploited remotely by executing manipulation. The exploit has be...

6.5CVSS6.4AI score0.00314EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-50803

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.04942EPSS
Exploits1References4
NVD
NVD
added 2024/12/09 5:15 a.m.16 views

CVE-2024-12358

A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This affects an unknown part of the file /api/job/add/. The manipulation of the argument glueSource leads to os command injection. It is possible to initiate the attack remotely. The exploit has been...

8.8CVSS0.04942EPSS
Exploits1References4
CVE
CVE
added 2024/12/09 4:31 a.m.92 views

CVE-2024-12358

WeiYe-Jing datax-web 2.1.1 is affected by an OS command injection in the glueSource parameter of /api/job/add/. The vulnerability, described as critical, can be triggered remotely and has been disclosed publicly. Affected component is the /api/job/add/ processing logic; root cause is input manipu...

8.8CVSS6.9AI score0.04942EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2024/12/09 4:31 a.m.24 views

CVE-2024-12358 WeiYe-Jing datax-web add os command injection

A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This affects an unknown part of the file /api/job/add/. The manipulation of the argument glueSource leads to os command injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS0.04942EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/12/09 4:31 a.m.8 views

CVE-2024-12358 WeiYe-Jing datax-web add os command injection

A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This affects an unknown part of the file /api/job/add/. The manipulation of the argument glueSource leads to os command injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS7.7AI score0.04942EPSS
Exploits1References4
NVD
NVD
added 2023/12/27 4:15 p.m.15 views

CVE-2023-7116

A vulnerability, which was classified as critical, has been found in WeiYe-Jing datax-web 2.1.2. Affected by this issue is some unknown functionality of the file /api/log/killJob of the component HTTP POST Request Handler. The manipulation of the argument processId leads to os command injection...

9.8CVSS0.09901EPSS
Exploits1References3
Prion
Prion
added 2023/12/27 4:15 p.m.15 views

Command injection

A vulnerability, which was classified as critical, has been found in WeiYe-Jing datax-web 2.1.2. Affected by this issue is some unknown functionality of the file /api/log/killJob of the component HTTP POST Request Handler. The manipulation of the argument processId leads to os command injection...

6.5CVSS7.8AI score0.09901EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2023/12/27 3:31 p.m.88 views

CVE-2023-7116

WeiYe-Jing datax-web 2.1.2 is affected by an OS command injection in the HTTP POST handler for /api/log/killJob, via manipulation of the processId parameter. The issue can be exploited remotely and has been disclosed publicly. Remediation recommended in connected templates is to update to a newer...

9.8CVSS8.4AI score0.09901EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/12/27 3:31 p.m.23 views

CVE-2023-7116 WeiYe-Jing datax-web HTTP POST Request killJob os command injection

A vulnerability, which was classified as critical, has been found in WeiYe-Jing datax-web 2.1.2. Affected by this issue is some unknown functionality of the file /api/log/killJob of the component HTTP POST Request Handler. The manipulation of the argument processId leads to os command injection...

6.5CVSS10AI score0.09901EPSS
Exploits1References3
Rows per page
Query Builder