NotCVE - vendor:"Jeecg" product:"Jeecgboot" version:" <= 3.5.1"

2 results (0.004 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-34602

https://notcve.org/view.php?id=CVE-2023-34602

19 Jun 2023 — JeecgBoot up to v 3.5.1 was discovered to contain a SQL injection vulnerability via the component queryTableDictItemsByCode at org.jeecg.modules.api.controller.SystemApiController. • https://github.com/jeecgboot/jeecg-boot/issues/4983 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-34603

https://notcve.org/view.php?id=CVE-2023-34603

19 Jun 2023 — JeecgBoot up to v 3.5.1 was discovered to contain a SQL injection vulnerability via the component queryFilterTableDictInfo at org.jeecg.modules.api.controller.SystemApiController. • https://github.com/jeecgboot/jeecg-boot/issues/4984 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •