Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jeecg jeecg vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-40989
SQL injection vulnerbility in jeecgboot jeecg-boot v 3.0, 3.5.3 that allows a remote malicious user to execute arbitrary code via a crafted request to the report/jeecgboot/jmreport/queryFieldBySql component.
Jeecg Jeecg Boot 3.0
Jeecg Jeecg Boot 3.5.3
NA
CVE-2023-34659
jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show interface.
Jeecg Jeecg Boot 3.5.0
Jeecg Jeecg Boot 3.5.1
NA
CVE-2023-34660
jjeecg-boot V3.5.0 has an unauthorized arbitrary file upload in /jeecg-boot/jmreport/upload interface.
Jeecg Jeecg Boot 3.5.0
Jeecg Jeecg Boot 3.5.1
NA
CVE-2021-37305
An Insecure Permissions issue in jeecg-boot 2.4.5 and previous versions allows remote malicious users to gain escalated privilege and view sensitive information via api uri: /sys/user/querySysUser?username=admin.
Jeecg Jeecg
NA
CVE-2021-37306
An Insecure Permissions issue in jeecg-boot 2.4.5 and previous versions allows remote malicious users to gain escalated privilege and view sensitive information via api uri: api uri:/sys/user/checkOnlyUser?username=admin.
Jeecg Jeecg
NA
CVE-2021-37304
An Insecure Permissions issue in jeecg-boot 2.4.5 allows unauthenticated remote malicious users to gain escalated privilege and view sensitive information via the httptrace interface.
Jeecg Jeecg
NA
CVE-2023-49442
Deserialization of Untrusted Data in jeecgFormDemoController in JEECG 4.0 and previous versions allows malicious users to run arbitrary code via crafted POST request.
Jeecg Jeecg
1 Github repository
NA
CVE-2023-42268
Jeecg boot up to v3.5.3 exists to contain a SQL injection vulnerability via the component /jeecg-boot/jmreport/show.
Jeecg Jeecg Boot
1 Github repository
668
VMScore
CVE-2022-22880
Jeecg-boot v3.0 exists to contain a SQL injection vulnerability via the code parameter in /jeecg-boot/sys/user/queryUserByDepId.
Jeecg Jeecg Boot
NA
CVE-2023-24789
jeecg-boot v3.4.4 exists to contain an authenticated SQL injection vulnerability via the building block report component.
Jeecg Jeecg 3.4.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »