Skip to main content

My Springsecurity Plus

8 CVEs product

Monthly

CVE-2024-40542 CRITICAL POC Act Now

my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/role?offset. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi My Springsecurity Plus
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2024-40541 CRITICAL POC Act Now

my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/dept/build. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi My Springsecurity Plus
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2024-40540 CRITICAL POC Act Now

my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/dept. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi My Springsecurity Plus
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-40539 CRITICAL POC Act Now

my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/user. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi My Springsecurity Plus
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-6681 MEDIUM This Month

A vulnerability, which was classified as critical, has been found in witmy my-springsecurity-plus up to 2024-07-04. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi My Springsecurity Plus
NVD VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-6680 MEDIUM This Month

A vulnerability classified as critical was found in witmy my-springsecurity-plus up to 2024-07-04. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi My Springsecurity Plus
NVD VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-6679 MEDIUM This Month

A vulnerability classified as critical has been found in witmy my-springsecurity-plus up to 2024-07-04. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi My Springsecurity Plus
NVD VulDB
CVSS 4.0
5.3
EPSS
0.6%
CVE-2024-6676 MEDIUM This Month

A vulnerability has been found in witmy my-springsecurity-plus up to 2024-07-03 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi My Springsecurity Plus
NVD VulDB
CVSS 4.0
5.3
EPSS
0.4%
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/role?offset. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi My Springsecurity Plus
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/dept/build. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi My Springsecurity Plus
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/dept. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi My Springsecurity Plus
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/user. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi My Springsecurity Plus
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability, which was classified as critical, has been found in witmy my-springsecurity-plus up to 2024-07-04. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi My Springsecurity Plus
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability classified as critical was found in witmy my-springsecurity-plus up to 2024-07-04. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi My Springsecurity Plus
NVD VulDB
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability classified as critical has been found in witmy my-springsecurity-plus up to 2024-07-04. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi My Springsecurity Plus
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability has been found in witmy my-springsecurity-plus up to 2024-07-03 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi My Springsecurity Plus
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy