CVE-2024-24004
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
jshERP v3.3 is vulnerable to SQL Injection. The com.jsh.erp.controller.DepotHeadController: com.jsh.erp.utils.BaseResponseInfo findInOutDetail() function of jshERP does not filter `column` and `order` parameters well enough, and an attacker can construct malicious payload to bypass jshERP's protection mechanism in `safeSqlParse` method for sql injection.
jshERP v3.3 es vulnerable a la inyección SQL. La función com.jsh.erp.controller.DepotHeadController: com.jsh.erp.utils.BaseResponseInfo findInOutDetail() de jshERP no filtra los parámetros de `columna` y `orden` lo suficientemente bien, y un atacante puede construir un payload malicioso para eludir los parámetros de jshERP Mecanismo de protección en el método `safeSqlParse` para inyección SQL.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2024-01-25 CVE Reserved
- 2024-02-06 CVE Published
- 2024-02-09 EPSS Updated
- 2024-08-19 CVE Updated
- 2024-08-19 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about-2024/24004.txt | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://github.com/jishenghua/jshERP/issues/99 | 2024-08-19 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Jishenghua Search vendor "Jishenghua" | Jsherp Search vendor "Jishenghua" for product "Jsherp" | 3.3 Search vendor "Jishenghua" for product "Jsherp" and version "3.3" | - |
Affected
| ||||||