Lucene search
+L

24 matches found

CVE
CVE
added 2024/12/11 6:31 p.m.51 views

CVE-2024-12479

The CVE-2024-12479 issue affects cjbi wetech-cms versions 1.0–1.2, specifically the searchTopicByKeyword function in wetech-cms-master/wetech-core/src/main/java/tech/wetech/cms/dao/TopicDao.java. The root cause is manipulation of the keyword argument leading to SQL injection, with remote initiati...

8.8CVSS6.8AI score0.00572EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/12/11 12:0 a.m.7 views

PT-2024-17613 · Unknown · Wetech-Cms

Name of the Vulnerable Software and Affected Versions: cjbi wetech-cms versions 1.0 through 1.2 Description: A critical issue has been found, affecting the searchTopic function in the TopicDao.java file. The manipulation of the con argument leads to SQL injection, allowing for remote attacks. The...

8.8CVSS6.7AI score0.00535EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/12/11 12:0 a.m.7 views

PT-2024-17612 · Unknown · Wetech-Cms

Name of the Vulnerable Software and Affected Versions: cjbi wetech-cms versions 1.0 through 1.2 Description: A critical issue affects the searchTopicByKeyword function of the file wetech-cms-masterwetech-coresrcmainjavatechwetechcmsdaoTopicDao.java. The manipulation of the keyword argument leads ...

8.8CVSS7.1AI score0.00572EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/12/11 12:0 a.m.5 views

PT-2024-17614 · Cjbi · Wetech-Cms

Name of the Vulnerable Software and Affected Versions: cjbi wetech-cms versions 1.0 through 1.2 Description: A critical issue has been found, affecting the findUser function in the UserDao.java file. The manipulation of the searchValue, gId, or rId arguments leads to SQL injection. This issue can...

8.8CVSS7AI score0.00572EPSS
Exploits1References8
Rows per page
Query Builder