Total
15274 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-33444 | 1 Onethink | 1 Onethink | 2025-04-16 | N/A | 9.8 CRITICAL |
| SQL injection vulnerability in onethink v.1.1 allows a remote attacker to escalate privileges via a crafted script to the ModelModel.class.php component. | |||||
| CVE-2024-2587 | 1 Amss\+\+ Project | 1 Amss\+\+ | 2025-04-16 | N/A | 8.2 HIGH |
| Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetail_khet_person.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB. | |||||
| CVE-2024-2588 | 1 Amss\+\+ Project | 1 Amss\+\+ | 2025-04-16 | N/A | 8.2 HIGH |
| Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/admin/index.php, in the 'id' parameter. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the DB. | |||||
| CVE-2024-33146 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 9.1 CRITICAL |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the export function. | |||||
| CVE-2024-33164 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 9.8 CRITICAL |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the authUserList() function. | |||||
| CVE-2024-33161 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 5.3 MEDIUM |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the unallocatedList() function. | |||||
| CVE-2024-33155 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 9.8 CRITICAL |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the getDeptList() function. | |||||
| CVE-2024-33153 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 9.8 CRITICAL |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the commentList() function. | |||||
| CVE-2024-33149 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 8.1 HIGH |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the myProcessList function. | |||||
| CVE-2024-33148 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 7.3 HIGH |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the list function. | |||||
| CVE-2024-33147 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 8.8 HIGH |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the authRoleList function. | |||||
| CVE-2022-1887 | 2 Apple, Mozilla | 2 Iphone Os, Firefox | 2025-04-16 | N/A | 9.8 CRITICAL |
| The search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS < 101. | |||||
| CVE-2024-33144 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 8.8 HIGH |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the findApplyedTasksPage function in BpmTaskMapper.xml. | |||||
| CVE-2024-33139 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 7.5 HIGH |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the findpage function. | |||||
| CVE-2024-35091 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 9.8 CRITICAL |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysTenantMapper.xml. | |||||
| CVE-2024-35090 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 8.2 HIGH |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysUreportFileMapper.xml. | |||||
| CVE-2024-35086 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 9.8 CRITICAL |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in BpmTaskFromMapper.xml . | |||||
| CVE-2024-35085 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 5.4 MEDIUM |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in ProcessDefinitionMapper.xml. | |||||
| CVE-2024-35084 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 9.8 CRITICAL |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysMsgPushMapper.xml. | |||||
| CVE-2024-35083 | 1 J2eefast | 1 J2eefast | 2025-04-16 | N/A | 8.8 HIGH |
| J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function in SysLoginInfoMapper.xml. | |||||