Lucene search
K
WitmyMy-springsecurity-plus

4 matches found

CVE
CVE
added 2024/07/11 3:0 p.m.81 views

CVE-2024-6679

CVE-2024-6679 affects witmy my-springsecurity-plus (up to 2024-07-04). The flaw exists in the /api/role endpoint where manipulating the argument params.dataScope enables SQL injection. It can be exploited remotely and the vulnerability has been publicly disclosed. Multiple sources (NVD, CVE List,...

9.8CVSS6.9AI score0.00566EPSS
Web
CVE
CVE
added 2024/07/11 4:0 p.m.81 views

CVE-2024-6680

CVE-2024-6680 affects witmy my-springsecurity-plus up to 2024-07-04. The vulnerability arises from manipulating the params.dataScope argument in /api/dept/build, enabling remote SQL injection. Exploit disclosed publicly; impact stated as high for confidentiality, integrity, and availability. No r...

9.8CVSS6.9AI score0.00473EPSS
Web
CVE
CVE
added 2024/07/11 2:0 a.m.79 views

CVE-2024-6676

witmy my-springsecurity-plus is affected by a SQL injection in /api/user triggered by manipulating the params.dataScope argument. The vulnerability has remote potential and has been disclosed publicly. Multiple sources (including CVE-2024-6676 records and PT-2024-37793) confirm a critical issue w...

8.8CVSS6.8AI score0.00446EPSS
Web
CVE
CVE
added 2024/07/11 4:31 p.m.79 views

CVE-2024-6681

Affected product: witmy my-springsecurity-plus (up to 2024-07-04). Vulnerability: SQL injection via manipulation of the argument params.dataScope in the endpoint /api/dept, leading to potential remote exploitation. Multiple sources confirm the issue and public disclosure of the exploit. Impact (a...

9.8CVSS6.8AI score0.00473EPSS
Web