Filtered by vendor Roothub Subscriptions
Filtered by product Roothub Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-33121 1 Roothub 1 Roothub 2024-11-21 6.3 Medium
Roothub v2.6 was discovered to contain a SQL injection vulnerability via the 's' parameter in the search() function.
CVE-2024-33124 1 Roothub 1 Roothub 2024-11-21 9.8 Critical
Roothub v2.6 was discovered to contain a SQL injection vulnerability via the nodeTitle parameter in the parentNode() function..
CVE-2022-28052 1 Roothub 1 Roothub 2024-11-21 8.0 High
Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution.