📦 Powerjob

PowerJob versions 3.20 and above contain a SQL injection vulnerability in the version parameter that allows attackers to execute arbitrary SQL commands on the database. This affects all deployments us...

PowerJob v4.3.3 contains a remote command execution vulnerability in the instanceId parameter at the /instance/detail endpoint. This allows unauthenticated attackers to execute arbitrary commands on a...

PowerJob V4.3.1 has an incorrect access control vulnerability that allows attackers to bypass authentication and execute arbitrary code remotely. This affects all PowerJob deployments running the vuln...

PowerJob V4.3.2 contains an unauthorized interface that allows attackers to execute arbitrary code remotely without authentication. This affects all systems running the vulnerable version of PowerJob,...

An incorrect access control vulnerability in PowerJob versions 4.3.2 and earlier allows remote attackers to obtain sensitive information by querying the /container/list interface with an appId paramet...

This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in PowerJob's network request handler. Attackers can manipulate targetIp/targetPort parameters to make the server send unauthorize...

PowerJob versions up to 5.1.2 have an authorization bypass vulnerability in the OpenAPIController's /openApi/runJob endpoint. This allows remote attackers to execute jobs without proper authentication...

PowerJob versions up to 5.1.2 have a missing authorization vulnerability in the /user/list endpoint that allows unauthorized access to user information. This affects all PowerJob deployments using vul...