Lucene search
Springblade Security Vulnerabilities
cve
SpringBlade v3.2.0 and below was discovered to contain a SQL injection vulnerability via the component customSqlSegment.
9.8CVSS
9.8AI Score
0.002EPSS
2022-05-05 07:15 PM
45
2
cve
In SpringBlade V3.6.0 when executing SQL query, the parameters submitted by the user are not wrapped in quotation marks, which leads to SQL injection.
9.8CVSS
9.7AI Score
0.001EPSS
2023-08-29 01:15 PM
25
cve
SpringBlade <=V3.6.0 is vulnerable to Incorrect Access Control due to incorrect configuration in the default gateway resulting in unauthorized access to error logs
5.3CVSS
5.1AI Score
0.001EPSS
2023-09-19 12:15 AM
24
cve
An issue in SpringBlade v.3.7.0 and before allows a remote attacker to escalate privileges via the lack of permissions control framework.
9.8CVSS
9.5AI Score
0.001EPSS
2024-01-02 09:15 PM
21