Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-33124 | 1 Roothub | 1 Roothub | 2025-05-01 | N/A | 9.8 CRITICAL |
| Roothub v2.6 was discovered to contain a SQL injection vulnerability via the nodeTitle parameter in the parentNode() function.. | |||||
| CVE-2024-33120 | 1 Roothub | 1 Roothub | 2025-05-01 | N/A | 9.8 CRITICAL |
| Roothub v2.5 was discovered to contain an arbitrary file upload vulnerability via the customPath parameter in the upload() function. This vulnerability allows attackers to execute arbitrary code via a crafted JSP file. | |||||
| CVE-2024-33122 | 1 Roothub | 1 Roothub | 2025-05-01 | N/A | 6.3 MEDIUM |
| Roothub v2.6 was discovered to contain a SQL injection vulnerability via the topic parameter in the list() function. | |||||
| CVE-2022-28052 | 1 Roothub | 1 Roothub | 2024-11-21 | 6.0 MEDIUM | 8.0 HIGH |
| Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution. | |||||