Cjbi Wetech-Cms vulnerabilities
4 known vulnerabilities affecting cjbi/wetech-cms.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-12479P2HIGHCVSS 8.8v1.0v1.1+1 more2024-12-12
CVE-2024-12479 [HIGH] CWE-74 CVE-2024-12479: A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2 and classified as critical. This issue affe
A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2 and classified as critical. This issue affects the function searchTopicByKeyword of the file wetech-cms-master\wetech-core\src\main\java\tech\wetech\cms\dao\TopicDao.java. The manipulation of the argument keyword leads to sql injection. The attack may be initiated remotely. The exploit has been d
nvd
CVE-2024-12480P3HIGHCVSS 8.8v1.0v1.1+1 more2024-12-12
CVE-2024-12480 [HIGH] CWE-74 CVE-2024-12480: A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been classified as critical. Affect
A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been classified as critical. Affected is the function searchTopic of the file wetech-cms-master\wetech-core\src\main\java\tech\wetech\cms\dao\TopicDao.java. The manipulation of the argument con leads to sql injection. It is possible to launch the attack remotely. The exploit has been disc
nvd
CVE-2024-12481P3HIGHCVSS 8.8v1.0v1.1+1 more2024-12-12
CVE-2024-12481 [HIGH] CWE-74 CVE-2024-12481: A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been declared as critical. Affected
A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been declared as critical. Affected by this vulnerability is the function findUser of the file wetech-cms-master\wetech-core\src\main\java\tech\wetech\cms\dao\UserDao.java. The manipulation of the argument searchValue/gId/rId leads to sql injection. The attack can be launched remotely. Th
nvd
CVE-2024-12482P4MEDIUMCVSS 4.3v1.0v1.1+1 more2024-12-12
CVE-2024-12482 [MEDIUM] CWE-23 CVE-2024-12482: A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been rated as problematic. Affected
A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been rated as problematic. Affected by this issue is the function backup of the file wetech-cms-master\wetech-basic-common\src\main\java\tech\wetech\basic\util\BackupFileUtil.java of the component Database Backup Handler. The manipulation of the argument name leads to path traversal: '.
nvd