Filtered by vendor Roothub
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-33124 | 1 Roothub | 1 Roothub | 2025-05-01 | 9.8 Critical |
| Roothub v2.6 was discovered to contain a SQL injection vulnerability via the nodeTitle parameter in the parentNode() function.. | ||||
| CVE-2024-33120 | 2 Roothub, Roothub Project | 2 Roothub, Roothub | 2025-05-01 | 9.8 Critical |
| Roothub v2.5 was discovered to contain an arbitrary file upload vulnerability via the customPath parameter in the upload() function. This vulnerability allows attackers to execute arbitrary code via a crafted JSP file. | ||||
| CVE-2024-33122 | 1 Roothub | 1 Roothub | 2025-05-01 | 6.3 Medium |
| Roothub v2.6 was discovered to contain a SQL injection vulnerability via the topic parameter in the list() function. | ||||
| CVE-2024-33121 | 1 Roothub | 1 Roothub | 2024-11-21 | 6.3 Medium |
| Roothub v2.6 was discovered to contain a SQL injection vulnerability via the 's' parameter in the search() function. | ||||
| CVE-2022-28052 | 1 Roothub | 1 Roothub | 2024-11-21 | 8.0 High |
| Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution. | ||||
Page 1 of 1.