CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-48307
https://notcve.org/view.php?id=CVE-2024-48307
31 Oct 2024 — JeecgBoot v3.7.1 was discovered to contain a SQL injection vulnerability via the component /onlDragDatasetHead/getTotalData. Se descubrió que JeecgBoot v3.7.1 contenía una vulnerabilidad de inyección SQL a través del componente /onlDragDatasetHead/getTotalData. • https://github.com/jeecgboot • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-34602
https://notcve.org/view.php?id=CVE-2023-34602
19 Jun 2023 — JeecgBoot up to v 3.5.1 was discovered to contain a SQL injection vulnerability via the component queryTableDictItemsByCode at org.jeecg.modules.api.controller.SystemApiController. • https://github.com/jeecgboot/jeecg-boot/issues/4983 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-34603
https://notcve.org/view.php?id=CVE-2023-34603
19 Jun 2023 — JeecgBoot up to v 3.5.1 was discovered to contain a SQL injection vulnerability via the component queryFilterTableDictInfo at org.jeecg.modules.api.controller.SystemApiController. • https://github.com/jeecgboot/jeecg-boot/issues/4984 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •