Powerjob

powerjob

12 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (12)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-14518 1Powerjob 1Powerjob Apr 29, 2026 Dec 11, 2025 2.1 LOW· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A vulnerability was identified in PowerJob up to 5.1.2. This vulnerability affects the function checkConnectivity of the file src/main/java/tech/powerjob/common/utils/net/PingPongUtils.java of the component Network Reque...Show more A vulnerability was identified in PowerJob up to 5.1.2. This vulnerability affects the function checkConnectivity of the file src/main/java/tech/powerjob/common/utils/net/PingPongUtils.java of the component Network Request Handler. The manipulation of the argument targetIp/targetPort leads to server-side request forgery. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.Show less
CVE-2025-11581 1Powerjob 1Powerjob Feb 24, 2026 Oct 10, 2025 5.5 MEDIUM· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization...Show more A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.Show less
CVE-2025-11580 1Powerjob 1Powerjob Feb 24, 2026 Oct 10, 2025 5.5 MEDIUM· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 A weakness has been identified in PowerJob up to 5.1.2. This affects the function list of the file /user/list. This manipulation causes missing authorization. The attack can be initiated remotely. The exploit has been ma...Show more A weakness has been identified in PowerJob up to 5.1.2. This affects the function list of the file /user/list. This manipulation causes missing authorization. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.Show less
CVE-2024-44546 1Powerjob 1Powerjob Jun 27, 2025 Nov 11, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Powerjob >= 3.20 is vulnerable to SQL injection via the version parameter.
CVE-2023-36106 1Powerjob 1Powerjob Nov 21, 2024 Aug 17, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list.
CVE-2023-37754 1Powerjob 1Powerjob Nov 21, 2024 Jul 28, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 PowerJob v4.3.3 was discovered to contain a remote command execution (RCE) vulnerability via the instanceId parameter at /instance/detail.
CVE-2023-29924 1Powerjob 1Powerjob Feb 5, 2025 Apr 21, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 PowerJob V4.3.1 is vulnerable to Incorrect Access Control that allows for remote code execution.
CVE-2023-29926 1Powerjob 1Powerjob Feb 5, 2025 Apr 20, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 PowerJob V4.3.2 has unauthorized interface that causes remote code execution.
CVE-2023-29922 1Powerjob 1Powerjob Feb 5, 2025 Apr 19, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create user/save interface.
CVE-2023-29923 1Powerjob 1Powerjob Feb 5, 2025 Apr 19, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 PowerJob V4.3.1 is vulnerable to Insecure Permissions. via the list job interface.
CVE-2023-29921 1Powerjob 1Powerjob Feb 5, 2025 Apr 19, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create app interface.
CVE-2020-28865 1Powerjob 1Powerjob Nov 21, 2024 Jun 16, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in PowerJob through 3.2.2, allows attackers to change arbitrary user passwords via the id parameter to /appinfo/save.