Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
anji-plus

report

3 Versions 3 CVEs

Versions

1.4.0

SEMANTIC 1 CVE

1.4.1

SEMANTIC 1 CVE

0

SINGLE_NUMBER 2 CVEs

Recent CVEs

CVE-2024-7314

anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java on the victim server.

CRITICAL Aug 02, 2024

CVE-2024-5355

A vulnerability, which was classified as critical, has been found in anji-plus AJ-Report up to 1.4.1. This issue affects the function IGroovyHandler. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-266267.

UNKNOWN May 26, 2024

CVE-2024-5354

A vulnerability classified as problematic was found in anji-plus AJ-Report up to 1.4.1. This vulnerability affects unknown code of the file /reportShare/detailByCode. The manipulation of the argument shareToken leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-266266 is the identifier assigned to this vulnerability.

UNKNOWN May 26, 2024