Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jeecg jeecg boot vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-34659
jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show interface.
Jeecg Jeecg Boot 3.5.0
Jeecg Jeecg Boot 3.5.1
NA
CVE-2023-34660
jjeecg-boot V3.5.0 has an unauthorized arbitrary file upload in /jeecg-boot/jmreport/upload interface.
Jeecg Jeecg Boot 3.5.0
Jeecg Jeecg Boot 3.5.1
NA
CVE-2023-40989
SQL injection vulnerbility in jeecgboot jeecg-boot v 3.0, 3.5.3 that allows a remote malicious user to execute arbitrary code via a crafted request to the report/jeecgboot/jmreport/queryFieldBySql component.
Jeecg Jeecg Boot 3.0
Jeecg Jeecg Boot 3.5.3
NA
CVE-2023-42268
Jeecg boot up to v3.5.3 exists to contain a SQL injection vulnerability via the component /jeecg-boot/jmreport/show.
Jeecg Jeecg Boot
1 Github repository
NA
CVE-2023-38905
SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local malicious user to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions.
Jeecg Jeecg Boot
NA
CVE-2023-41542
SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote malicious users to escalate privileges and obtain sensitive information via the jmreport/qurestSql component.
Jeecg Jeecg Boot
NA
CVE-2023-41543
SQL injection vulnerability in jeecg-boot v3.5.3, allows remote malicious users to escalate privileges and obtain sensitive information via the component /sys/replicate/check.
Jeecg Jeecg Boot
NA
CVE-2023-41544
SSTI injection vulnerability in jeecg-boot version 3.5.3, allows remote malicious users to execute arbitrary code via crafted HTTP request to the /jmreport/loadTableData component.
Jeecg Jeecg Boot
NA
CVE-2023-41578
Jeecg boot up to v3.5.3 exists to contain an arbitrary file read vulnerability via the interface /testConnection.
Jeecg Jeecg Boot
1 Github repository
668
VMScore
CVE-2022-22880
Jeecg-boot v3.0 exists to contain a SQL injection vulnerability via the code parameter in /jeecg-boot/sys/user/queryUserByDepId.
Jeecg Jeecg Boot
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »