Jeecg Boot@* Security Vulnerabilities and Issues — Jeecg Boot@* CVE List

Lucene search

JeecgJeecg Boot*

6 matches found

CVE•added 2023/12/30 4:15 a.m.•58 views

CVE-2023-41544

SSTI injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to execute arbitrary code via crafted HTTP request to the /jmreport/loadTableData component.

9.8CVSS9.7AI score0.17615EPSS

CVE•added 2023/09/08 7:15 p.m.•43 views

CVE-2023-42268

Jeecg boot up to v3.5.3 was discovered to contain a SQL injection vulnerability via the component /jeecg-boot/jmreport/show.

9.8CVSS9.8AI score0.00344EPSS

CVE•added 2023/09/08 7:15 p.m.•42 views

CVE-2023-41578

Jeecg boot up to v3.5.3 was discovered to contain an arbitrary file read vulnerability via the interface /testConnection.

7.5CVSS7.5AI score0.01462EPSS

CVE•added 2023/12/30 2:15 a.m.•41 views

CVE-2023-41542

SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component.

9.8CVSS9.7AI score0.00227EPSS

CVE•added 2023/12/30 2:15 a.m.•38 views

CVE-2023-41543

SQL injection vulnerability in jeecg-boot v3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the component /sys/replicate/check.

9.8CVSS9.6AI score0.00968EPSS

CVE•added 2023/08/17 7:15 p.m.•33 views

CVE-2023-38905

SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions.

5.5CVSS5.7AI score0.00069EPSS