Search
Search Results (14 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-5739 | 1 Powerjob | 1 Powerjob | 2026-04-07 | 7.3 High |
| A security flaw has been discovered in PowerJob 5.1.0/5.1.1/5.1.2. The affected element is the function GroovyEvaluator.evaluate of the file /openApi/addWorkflowNode of the component OpenAPI Endpoint. The manipulation of the argument nodeParams results in code injection. The attack can be executed remotely. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-5736 | 1 Powerjob | 1 Powerjob | 2026-04-07 | 7.3 High |
| A vulnerability was identified in PowerJob 5.1.0/5.1.1/5.1.2. Impacted is an unknown function of the file powerjob-server/powerjob-server-starter/src/main/java/tech/powerjob/server/web/controller/InstanceController.java of the component detailPlus Endpoint. The manipulation of the argument customQuery leads to sql injection. Remote exploitation of the attack is possible. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2025-11581 | 1 Powerjob | 1 Powerjob | 2026-02-24 | 5.3 Medium |
| A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2025-11580 | 1 Powerjob | 1 Powerjob | 2026-02-24 | 5.3 Medium |
| A weakness has been identified in PowerJob up to 5.1.2. This affects the function list of the file /user/list. This manipulation causes missing authorization. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2025-14518 | 1 Powerjob | 1 Powerjob | 2026-02-24 | 6.3 Medium |
| A vulnerability was identified in PowerJob up to 5.1.2. This vulnerability affects the function checkConnectivity of the file src/main/java/tech/powerjob/common/utils/net/PingPongUtils.java of the component Network Request Handler. The manipulation of the argument targetIp/targetPort leads to server-side request forgery. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. | ||||
| CVE-2024-44546 | 1 Powerjob | 1 Powerjob | 2025-06-27 | 9.8 Critical |
| Powerjob >= 3.20 is vulnerable to SQL injection via the version parameter. | ||||
| CVE-2023-29924 | 1 Powerjob | 1 Powerjob | 2025-02-05 | 9.8 Critical |
| PowerJob V4.3.1 is vulnerable to Incorrect Access Control that allows for remote code execution. | ||||
| CVE-2023-29923 | 1 Powerjob | 1 Powerjob | 2025-02-05 | 5.3 Medium |
| PowerJob V4.3.1 is vulnerable to Insecure Permissions. via the list job interface. | ||||
| CVE-2023-29922 | 1 Powerjob | 1 Powerjob | 2025-02-05 | 5.3 Medium |
| PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create user/save interface. | ||||
| CVE-2023-29921 | 1 Powerjob | 1 Powerjob | 2025-02-05 | 5.3 Medium |
| PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create app interface. | ||||
| CVE-2023-29926 | 1 Powerjob | 1 Powerjob | 2025-02-05 | 9.8 Critical |
| PowerJob V4.3.2 has unauthorized interface that causes remote code execution. | ||||
| CVE-2023-37754 | 1 Powerjob | 1 Powerjob | 2024-11-21 | 9.8 Critical |
| PowerJob v4.3.3 was discovered to contain a remote command execution (RCE) vulnerability via the instanceId parameter at /instance/detail. | ||||
| CVE-2023-36106 | 1 Powerjob | 1 Powerjob | 2024-11-21 | 7.5 High |
| An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list. | ||||
| CVE-2020-28865 | 1 Powerjob | 1 Powerjob | 2024-11-21 | 7.5 High |
| An issue was discovered in PowerJob through 3.2.2, allows attackers to change arbitrary user passwords via the id parameter to /appinfo/save. | ||||
Page 1 of 1.