CVE-2024-33155 | J2EEFAST 2.7.0 getDeptList sql_filter sql injection

Posted by Angelo Barbosa | May 7, 2024 | CVE

A vulnerability was found in J2EEFAST 2.7.0 and classified as critical. This issue affects the function getDeptList. The manipulation of the argument sql_filter leads to sql injection.

The identification of this vulnerability is CVE-2024-33155. The attack may be initiated remotely. There is no exploit available.

CVE-2024-33155 | J2EEFAST 2.7.0 getDeptList sql_filter sql injection

Related Posts

CVE-2023-7180 | Tongda OA 2017 up to 11.9 delete.php PROJ_ID_STR sql injection

CVE-2024-0278 | Kashipara Food Management System up to 1.0 partylist_edit_submit.php id sql injection

CVE-2024-7162 | SeaCMS 12.9/13.0 post.php yzm cross site scripting (Issue 29)

CVE-2024-8614 | WP JobSearch Plugin up to 2.6.7 on WordPress unrestricted upload