📦 Alldata

Name: Alldata
Author: Alldata

by Alldata

🔍 What is Alldata?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2024-29432

CRITICAL CVSS 9.8 Apr 2, 2024

Alldata v0.4.6 contains a SQL injection vulnerability in the tablename parameter at the /data/masterdata/datas endpoint. This allows attackers to execute arbitrary SQL commands on the database. Anyone...

CVE-2024-27602

CRITICAL CVSS 9.1 Apr 2, 2024

Alldata V0.4.6 has an incorrect access control vulnerability that leaks sensitive API documentation through unauthenticated endpoints like /api/system/v2/api-docs. This exposes internal system interfa...

CVE-2024-29433

CRITICAL CVSS 9.8 Apr 1, 2024

This vulnerability in Alldata v0.4.6 allows remote attackers to execute arbitrary code by sending specially crafted data to the FASTJSON deserialization component. Any system running the vulnerable ve...

CVE-2024-27605

HIGH CVSS 7.5 Apr 2, 2024

Alldata V0.4.6 has insecure permissions that allow low-privileged users (including test accounts) to query information about all users in the system. This affects any system running Alldata V0.4.6 wit...