1 results (0.002 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0738 – 个人开源 mldong DecisionModel.java ExpressionEngine code injection
https://notcve.org/view.php?id=CVE-2024-0738
A vulnerability, which was classified as critical, has been found in 个人开源 mldong 1.0. This issue affects the function ExpressionEngine of the file com/mldong/modules/wf/engine/model/DecisionModel.java. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/biantaibao/mldong_RCE/blob/main/RCE.md https://vuldb.com/?ctiid.251561 https://vuldb.com/?id.251561 • CWE-94: Improper Control of Generation of Code ('Code Injection') •