Total
17787 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-2588 | 1 Amss\+\+ Project | 1 Amss\+\+ | 2025-04-16 | N/A | 8.2 HIGH |
| Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/admin/index.php, in the 'id' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB. | |||||
| CVE-2024-33146 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 9.1 CRITICAL |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the export function. | |||||
| CVE-2024-33164 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 9.8 CRITICAL |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the authUserList() function. | |||||
| CVE-2024-33161 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 5.3 MEDIUM |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the unallocatedList() function. | |||||
| CVE-2024-33155 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 9.8 CRITICAL |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the getDeptList() function. | |||||
| CVE-2024-33153 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 9.8 CRITICAL |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the commentList() function. | |||||
| CVE-2024-33149 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 8.1 HIGH |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the myProcessList function. | |||||
| CVE-2024-33148 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 7.3 HIGH |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the list function. | |||||
| CVE-2024-33147 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 8.8 HIGH |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the authRoleList function. | |||||
| CVE-2022-1887 | 2 Apple, Mozilla | 2 Iphone Os, Firefox | 2025-04-16 | N/A | 9.8 CRITICAL |
| The search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS < 101. | |||||
| CVE-2024-33144 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 8.8 HIGH |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the findApplyedTasksPage function in BpmTaskMapper.xml. | |||||
| CVE-2024-33139 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 7.5 HIGH |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the findpage function. | |||||
| CVE-2024-35091 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 9.8 CRITICAL |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysTenantMapper.xml. | |||||
| CVE-2024-35090 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 8.2 HIGH |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysUreportFileMapper.xml. | |||||
| CVE-2024-35086 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 9.8 CRITICAL |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in BpmTaskFromMapper.xml . | |||||
| CVE-2024-35085 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 5.4 MEDIUM |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in ProcessDefinitionMapper.xml. | |||||
| CVE-2024-35084 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 9.8 CRITICAL |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysMsgPushMapper.xml. | |||||
| CVE-2024-35083 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 8.8 HIGH |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysLoginInfoMapper.xml. | |||||
| CVE-2024-35082 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 6.3 MEDIUM |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysOperLogMapper.xml. | |||||
| CVE-2021-40617 | 1 Os4ed | 1 Opensis | 2025-04-16 | 7.5 HIGH | 9.8 CRITICAL |
| An SQL Injection vulnerability exists in openSIS Community Edition version 8.0 via ForgotPassUserName.php. | |||||