cjybao

3 exploits Active since Mar 2023
CVE-2024-1709 NOMISEC CRITICAL WORKING POC
Connectwise Screenconnect < 23.9.8 - Authentication Bypass
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems.
1 stars
CVSS 10.0
CVE-2023-1454 NOMISEC MEDIUM SCANNER
jeecg-boot 3.5.0 - SQL Injection
A vulnerability classified as critical has been found in jeecg-boot 3.5.0. This affects an unknown part of the file jmreport/qurestSql. The manipulation of the argument apiSelectId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223299.
CVSS 6.3
CVE-2024-1708 VULNCHECK_XDB HIGH WORKING POC
ConnectWise ScreenConnect Unauthenticated Remote Code Execution
ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker the ability to execute remote code or directly impact confidential data or critical systems.
CVSS 8.4