Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

anji-plus — Vulnerabilities & Security Advisories 8

Browse all 8 CVE security advisories affecting anji-plus. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Anji-plus is an open-source Java framework primarily used for building enterprise applications. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its eight recorded CVEs. The framework's security posture has been compromised through insecure deserialization and improper input validation, leading to several high-severity exploits. While no major public incidents have been widely documented, the consistent pattern of vulnerabilities in its core components suggests potential risks for organizations relying on this technology without proper hardening or regular updates.

Top products by anji-plus: AJ-Report
CVE IDTitleCVSSSeverityPublished
CVE-2024-7314 anji-plus AJ-Report Authentication Bypass — AJ-ReportCWE-288 9.8 Critical2024-08-02
CVE-2024-5356 anji-plus AJ-Report testTransform;swagger-ui sql injection — AJ-ReportCWE-89 6.3 Medium2024-05-26
CVE-2024-5355 anji-plus AJ-Report IGroovyHandler command injection — AJ-ReportCWE-77 6.3 Medium2024-05-26
CVE-2024-5354 anji-plus AJ-Report detailByCode information disclosure — AJ-ReportCWE-200 4.3 Medium2024-05-26
CVE-2024-5353 anji-plus AJ-Report ZIP File decompress path traversal — AJ-ReportCWE-22 6.3 Medium2024-05-26
CVE-2024-5352 anji-plus AJ-Report validationRules deserialization — AJ-ReportCWE-502 6.3 Medium2024-05-26
CVE-2024-5351 anji-plus AJ-Report Javascript getValueFromJs deserialization — AJ-ReportCWE-502 6.3 Medium2024-05-26
CVE-2024-5350 anji-plus AJ-Report pageList sql injection — AJ-ReportCWE-89 6.3 Medium2024-05-25

This page lists every published CVE security advisory associated with anji-plus. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.