Report Security Vulnerabilities and Issues — Report CVE List

Lucene search

Anji-plusReport

3 matches found

CVE•added 2024/05/26 6:15 a.m.•49 views

CVE-2024-5355

A vulnerability, which was classified as critical, has been found in anji-plus AJ-Report up to 1.4.1. This issue affects the function IGroovyHandler. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The ...

9.8CVSS6.9AI score0.01119EPSS

CVE•added 2024/05/26 5:15 a.m.•44 views

CVE-2024-5354

A vulnerability classified as problematic was found in anji-plus AJ-Report up to 1.4.1. This vulnerability affects unknown code of the file /reportShare/detailByCode. The manipulation of the argument shareToken leads to information disclosure. The attack can be initiated remotely. The exploit has b...

6.5CVSS4.6AI score0.00063EPSS

CVE•added 2024/08/02 5:16 p.m.•37 views

CVE-2024-7314

anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java on the victim server.

9.8CVSS10AI score0.84565EPSS