An issue was discovered in PowerJob through 3.2.2, allows attackers to change arbitrary user passwords via the id parameter to /appinfo/save.
7.5CVSS
7.4AI Score
0.001EPSS
PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create app interface.
5.3CVSS
5.2AI Score
0.001EPSS
PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create user/save interface.
5.3CVSS
5.2AI Score
0.008EPSS
5.3CVSS
5.1AI Score
0.022EPSS
PowerJob V4.3.1 is vulnerable to Incorrect Access Control that allows for remote code execution.
9.8CVSS
9.8AI Score
0.003EPSS
9.8CVSS
9.7AI Score
0.003EPSS
An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list.
7.5CVSS
7.3AI Score
0.001EPSS
PowerJob v4.3.3 was discovered to contain a remote command execution (RCE) vulnerability via the instanceId parameter at /instance/detail.
9.8CVSS
9.6AI Score
0.004EPSS