CVE-2024-33149 | J2EEFAST 2.7.0 myProcessList sql_filter sql injection

Inserito da Angelo Barbosa | Mag 7, 2024 | CVE

A vulnerability, which was classified as critical, was found in J2EEFAST 2.7.0. Affected is the function myProcessList. The manipulation of the argument sql_filter leads to sql injection.

This vulnerability is traded as CVE-2024-33149. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-33149 | J2EEFAST 2.7.0 myProcessList sql_filter sql injection

Post correlati

CVE-2024-3344 | Otter Blocks Plugin up to 2.6.8 on WordPress cross site scripting

CVE-2024-8996 | Grafana Agent Flow up to 0.43.1 on Windows Flow Mode unquoted search path

CVE-2024-35234 | Discourse up to 3.2.2/3.3.0.beta2 Meta Tag cross site scripting (GHSA-5chg-hm8c-wc58)

CVE-2024-38820 | VMware Spring up to 5.3.40/6.0.24/6.1.13 DataBinder String.toLowerCase access control