Submit #708321: 北京凯特伟业科技有限公司 jepaas v7.2.8 SQL Injectioninfo

Title北京凯特伟业科技有限公司 jepaas v7.2.8 SQL Injection
DescriptionJEPaaS v7.2.8 /je/postil/postil/loadPostil interface SQL injection vulnerability The keyWord parameter uses string concatenation, leading to a SQL injection vulnerability. https://github.com/ha1yu-Yiqiyin/warehouse/blob/main/jepaas-v7.2.8-sqlinject1.md
Source⚠️ https://github.com/ha1yu-Yiqiyin/warehouse/blob/main/jepaas-v7.2.8-sqlinject1.md
User
 red0_ha1yu (UID 61457)
Submission12/07/2025 13:19 (6 months ago)
Moderation12/25/2025 10:52 (18 days later)
StatusAccepted
VulDB entry338416 [ketr JEPaaS up to 7.2.8 loadPostil postilService.loadPostils keyWord sql injection]
Points18

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!