Roothub@2.6.0 Security Vulnerabilities and Issues — Roothub@2.6.0 CVE List

Lucene search

RoothubRoothub2.6.0

4 matches found

CVE•added 2022/04/13 3:15 p.m.•57 views

CVE-2022-28052

Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution.

8CVSS8.1AI score0.02037EPSS

CVE•added 2024/05/07 3:15 p.m.•46 views

CVE-2024-33122

Roothub v2.6 was discovered to contain a SQL injection vulnerability via the topic parameter in the list() function.

6.3CVSS8.2AI score0.00074EPSS

CVE•added 2024/05/06 8:15 p.m.•43 views

CVE-2024-33121

Roothub v2.6 was discovered to contain a SQL injection vulnerability via the 's' parameter in the search() function.

6.3CVSS8.2AI score0.00074EPSS

CVE•added 2024/05/07 3:15 p.m.•43 views

CVE-2024-33124

Roothub v2.6 was discovered to contain a SQL injection vulnerability via the nodeTitle parameter in the parentNode() function..

9.8CVSS8.2AI score0.00118EPSS