Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jeecg jeecg boot vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-45207
Jeecg-boot v3.4.3 exists to contain a SQL injection vulnerability via the component updateNullByEmptyString.
Jeecg Jeecg Boot 3.4.3
NA
CVE-2022-45208
Jeecg-boot v3.4.3 exists to contain a SQL injection vulnerability via the component /sys/user/putRecycleBin.
Jeecg Jeecg Boot 3.4.3
NA
CVE-2022-45210
Jeecg-boot v3.4.3 exists to contain a SQL injection vulnerability via the component /sys/user/deleteRecycleBin.
Jeecg Jeecg Boot 3.4.3
NA
CVE-2023-1454
A vulnerability classified as critical has been found in jeecg-boot 3.5.0. This affects an unknown part of the file jmreport/qurestSql. The manipulation of the argument apiSelectId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclo...
Jeecg Jeecg-boot 3.5.0
7 Github repositories
668
VMScore
CVE-2020-28088
An arbitrary file upload vulnerability in /jeecg-boot/sys/common/upload of jeecg-boot CMS 2.3 allows malicious users to execute arbitrary code.
Jeecg Jeecg Boot 2.3
383
VMScore
CVE-2021-44585
A Cross Site Scripting (XSS) vulnerabilitiy exits in jeecg-boot 3.0 in /jeecg-boot/jmreport/view with a mouseover event.
Jeecg Jeecg Boot 3.0
445
VMScore
CVE-2020-28087
A SQL injection vulnerability in /jeecg boot/sys/dict/loadtreedata of jeecg-boot CMS 2.3 allows malicious users to access sensitive database information.
Jeecg Jeecg Boot 2.3
NA
CVE-2021-37304
An Insecure Permissions issue in jeecg-boot 2.4.5 allows unauthenticated remote malicious users to gain escalated privilege and view sensitive information via the httptrace interface.
Jeecg Jeecg
NA
CVE-2021-37305
An Insecure Permissions issue in jeecg-boot 2.4.5 and previous versions allows remote malicious users to gain escalated privilege and view sensitive information via api uri: /sys/user/querySysUser?username=admin.
Jeecg Jeecg
NA
CVE-2021-37306
An Insecure Permissions issue in jeecg-boot 2.4.5 and previous versions allows remote malicious users to gain escalated privilege and view sensitive information via api uri: api uri:/sys/user/checkOnlyUser?username=admin.
Jeecg Jeecg
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »