Filtered by vendor Jeecg Subscriptions
Filtered by product Jeecg Boot Subscriptions
Total 25 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-22880 1 Jeecg 1 Jeecg Boot 2024-11-21 9.8 Critical
Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /jeecg-boot/sys/user/queryUserByDepId.
CVE-2021-46089 1 Jeecg 1 Jeecg Boot 2024-11-21 9.8 Critical
In JeecgBoot 3.0, there is a SQL injection vulnerability that can operate the database with root privileges.
CVE-2021-44585 1 Jeecg 1 Jeecg Boot 2024-11-21 6.1 Medium
A Cross Site Scripting (XSS) vulnerabilitiy exits in jeecg-boot 3.0 in /jeecg-boot/jmreport/view with a mouseover event.
CVE-2020-28088 1 Jeecg 1 Jeecg Boot 2024-11-21 9.8 Critical
An arbitrary file upload vulnerability in /jeecg-boot/sys/common/upload of jeecg-boot CMS 2.3 allows attackers to execute arbitrary code.
CVE-2020-28087 1 Jeecg 1 Jeecg Boot 2024-11-21 7.5 High
A SQL injection vulnerability in /jeecg boot/sys/dict/loadtreedata of jeecg-boot CMS 2.3 allows attackers to access sensitive database information.