CVE-2023-1741 – jeecg-boot Sleep Command SysDictMapper.java sql injection
https://notcve.org/view.php?id=CVE-2023-1741
A vulnerability was found in jeecg-boot 3.5.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file SysDictMapper.java of the component Sleep Command Handler. The manipulation leads to sql injection. The attack can be launched remotely. • https://github.com/private-null/report/blob/main/README.md https://vuldb.com/?ctiid.224629 https://vuldb.com/?id.224629 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2022-47105
https://notcve.org/view.php?id=CVE-2022-47105
Jeecg-boot v3.4.4 was discovered to contain a SQL injection vulnerability via the component /sys/dict/queryTableData. Se descubrió que Jeecg-boot v3.4.4 contiene una vulnerabilidad de inyección SQL a través del componente /sys/dict/queryTableData. • https://github.com/jeecgboot/jeecg-boot/issues/4393 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2022-45208
https://notcve.org/view.php?id=CVE-2022-45208
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/putRecycleBin. Se descubrió que Jeecg-boot v3.4.3 contiene una vulnerabilidad de inyección SQL a través del componente /sys/user/putRecycleBin. • http://jeecg-boot.com https://github.com/jeecgboot/jeecg-boot/issues/4126 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2022-45207
https://notcve.org/view.php?id=CVE-2022-45207
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component updateNullByEmptyString. Se descubrió que Jeecg-boot v3.4.3 contiene una vulnerabilidad de inyección SQL a través del componente updateNullByEmptyString. • http://jeecg-boot.com https://github.com/jeecgboot/jeecg-boot/issues/4127 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2022-45206
https://notcve.org/view.php?id=CVE-2022-45206
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/duplicate/check. Se descubrió que Jeecg-boot v3.4.3 contiene una vulnerabilidad de inyección SQL a través del componente /sys/duplicate/check. • http://jeecg-boot.com https://github.com/jeecgboot/jeecg-boot/issues/4129 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •