Ketr Jepaas

6 CVEs affecting Ketr Jepaas. Latest disclosed: 2025-12-25. Critical: 2, High: 1.

Top CVEs affecting Ketr Jepaas
CVESeverityScorePublishedSummary
CVE-2024-46535Critical9.82024-10-14Jepaas v7.2.8 was discovered to contain a SQL injection vulnerability via the orderSQL parameter at /homePortal/loadUserMsg.
CVE-2024-51164Critical9.12024-11-15Multiple parameters have SQL injection vulnerability in JEPaaS 7.2.8 via /je/login/btnLog/insertBtnLog, which could allow a remote user to submit a specially c…
CVE-2024-51165High7.52024-12-10SQL injection vulnerability in JEPAAS7.2.8, via /je/rbac/rbac/loadLoginCount in the dateVal parameter, which could allow a remote user to submit a specially cr…
CVE-2025-15088Medium6.32025-12-25A vulnerability was detected in ketr JEPaaS up to 7.2.8. Affected by this vulnerability is the function postilService.loadPostils of the file /je/postil/postil…
CVE-2025-14088Medium6.32025-12-05A vulnerability was determined in ketr JEPaaS up to 7.2.8. Affected by this vulnerability is an unknown functionality of the file /je/load. This manipulation o…
CVE-2025-14694Medium4.72025-12-15A vulnerability was found in ketr JEPaaS up to 7.2.8. This impacts the function readAllPostil of the file /je/postil/postil/readAllPostil. Performing a manipul…