Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jeecg jeecg boot vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-40989
SQL injection vulnerbility in jeecgboot jeecg-boot v 3.0, 3.5.3 that allows a remote malicious user to execute arbitrary code via a crafted request to the report/jeecgboot/jmreport/queryFieldBySql component.
Jeecg Jeecg Boot 3.0
Jeecg Jeecg Boot 3.5.3
NA
CVE-2023-34659
jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show interface.
Jeecg Jeecg Boot 3.5.0
Jeecg Jeecg Boot 3.5.1
NA
CVE-2023-34660
jjeecg-boot V3.5.0 has an unauthorized arbitrary file upload in /jeecg-boot/jmreport/upload interface.
Jeecg Jeecg Boot 3.5.0
Jeecg Jeecg Boot 3.5.1
NA
CVE-2023-41542
SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote malicious users to escalate privileges and obtain sensitive information via the jmreport/qurestSql component.
Jeecg Jeecg Boot
NA
CVE-2023-41543
SQL injection vulnerability in jeecg-boot v3.5.3, allows remote malicious users to escalate privileges and obtain sensitive information via the component /sys/replicate/check.
Jeecg Jeecg Boot
NA
CVE-2023-41544
SSTI injection vulnerability in jeecg-boot version 3.5.3, allows remote malicious users to execute arbitrary code via crafted HTTP request to the /jmreport/loadTableData component.
Jeecg Jeecg Boot
NA
CVE-2023-41578
Jeecg boot up to v3.5.3 exists to contain an arbitrary file read vulnerability via the interface /testConnection.
Jeecg Jeecg Boot
1 Github repository
NA
CVE-2023-42268
Jeecg boot up to v3.5.3 exists to contain a SQL injection vulnerability via the component /jeecg-boot/jmreport/show.
Jeecg Jeecg Boot
1 Github repository
NA
CVE-2022-2647
A vulnerability was found in jeecg-boot. It has been declared as critical. This vulnerability affects unknown code of the file /api/. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the pu...
Jeecg Jeecg Boot -
NA
CVE-2023-38905
SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local malicious user to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions.
Jeecg Jeecg Boot
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »