Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jeecg jeecg boot vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-40989
SQL injection vulnerbility in jeecgboot jeecg-boot v 3.0, 3.5.3 that allows a remote malicious user to execute arbitrary code via a crafted request to the report/jeecgboot/jmreport/queryFieldBySql component.
Jeecg Jeecg Boot 3.0
Jeecg Jeecg Boot 3.5.3
NA
CVE-2023-34659
jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show interface.
Jeecg Jeecg Boot 3.5.0
Jeecg Jeecg Boot 3.5.1
NA
CVE-2023-34660
jjeecg-boot V3.5.0 has an unauthorized arbitrary file upload in /jeecg-boot/jmreport/upload interface.
Jeecg Jeecg Boot 3.5.0
Jeecg Jeecg Boot 3.5.1
NA
CVE-2023-41542
SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote malicious users to escalate privileges and obtain sensitive information via the jmreport/qurestSql component.
Jeecg Jeecg Boot
NA
CVE-2023-41543
SQL injection vulnerability in jeecg-boot v3.5.3, allows remote malicious users to escalate privileges and obtain sensitive information via the component /sys/replicate/check.
Jeecg Jeecg Boot
NA
CVE-2023-41544
SSTI injection vulnerability in jeecg-boot version 3.5.3, allows remote malicious users to execute arbitrary code via crafted HTTP request to the /jmreport/loadTableData component.
Jeecg Jeecg Boot
NA
CVE-2023-41578
Jeecg boot up to v3.5.3 exists to contain an arbitrary file read vulnerability via the interface /testConnection.
Jeecg Jeecg Boot
1 Github repository
NA
CVE-2023-38905
SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local malicious user to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions.
Jeecg Jeecg Boot
NA
CVE-2022-2647
A vulnerability was found in jeecg-boot. It has been declared as critical. This vulnerability affects unknown code of the file /api/. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the pu...
Jeecg Jeecg Boot -
7.5
CVSSv2
CVE-2022-22880
Jeecg-boot v3.0 exists to contain a SQL injection vulnerability via the code parameter in /jeecg-boot/sys/user/queryUserByDepId.
Jeecg Jeecg Boot
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »