CVE-2024-24002
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
jshERP v3.3 is vulnerable to SQL Injection. The com.jsh.erp.controller.MaterialController: com.jsh.erp.utils.BaseResponseInfo getListWithStock() function of jshERP does not filter `column` and `order` parameters well enough, and an attacker can construct malicious payload to bypass jshERP's protection mechanism in `safeSqlParse` method for sql injection.
jshERP v3.3 es vulnerable a la inyección SQL. La función com.jsh.erp.controller.MaterialController: com.jsh.erp.utils.BaseResponseInfo getListWithStock() de jshERP no filtra los parámetros de `columna` y `orden` lo suficientemente bien, y un atacante puede construir un payload malicioso para eludir los de jshERP. Mecanismo de protección en el método `safeSqlParse` para inyección SQL.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2024-01-25 CVE Reserved
- 2024-02-06 CVE Published
- 2024-02-09 EPSS Updated
- 2024-08-26 CVE Updated
- 2024-08-26 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about-2024/24002.txt | Third Party Advisory |
URL | Date | SRC |
---|---|---|
https://github.com/jishenghua/jshERP/issues/99 | 2024-08-26 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Jishenghua Search vendor "Jishenghua" | Jsherp Search vendor "Jishenghua" for product "Jsherp" | 3.3 Search vendor "Jishenghua" for product "Jsherp" and version "3.3" | - |
Affected
|