VYPR

Jepaas Readallpostil SQL Injection Vulnerability

by C3p0ooo Yiqiyin

CVEs (1)

  • CVE-2025-14694MedDec 15, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was found in ketr JEPaaS up to 7.2.8. This impacts the function readAllPostil of the file /je/postil/postil/readAllPostil. Performing a manipulation of the argument keyWord results in sql injection. The attack can be initiated remotely. The exploit has been made…