Datax-web Security Vulnerabilities and Issues — Datax-web CVE List

Lucene search

Datax-web ProjectDatax-web

3 matches found

CVE•added 2024/12/09 5:15 a.m.•77 views

CVE-2024-12358

A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This affects an unknown part of the file /api/job/add/. The manipulation of the argument glueSource leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclo...

8.8CVSS6.9AI score0.00383EPSS

CVE•added 2023/12/27 4:15 p.m.•64 views

CVE-2023-7116

A vulnerability, which was classified as critical, has been found in WeiYe-Jing datax-web 2.1.2. Affected by this issue is some unknown functionality of the file /api/log/killJob of the component HTTP POST Request Handler. The manipulation of the argument processId leads to os command injection. Th...

9.8CVSS8.4AI score0.49103EPSS

CVE•added 2023/01/13 1:15 a.m.•42 views

CVE-2022-46478

The RPC interface in datax-web v1.0.0 and v2.0.0 to v2.1.2 contains no permission checks by default which allows attackers to execute arbitrary commands via crafted Hessian serialized data.

9.8CVSS9.6AI score0.001EPSS