Powerjob: >> Powerjob >> 3.4.6 Security Vulnerabilities
A vulnerability was identified in PowerJob up to 5.1.2. This vulnerability affects the function checkConnectivity of the file src/main/java/tech/powerjob/common/utils/net/PingPongUtils.java of the component Network Request Handler. The manipulation of the argument targetIp/targetPort leads to server-side request forgery. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-12-11
A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-10
A weakness has been identified in PowerJob up to 5.1.2. This affects the function list of the file /user/list. This manipulation causes missing authorization. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.
CVSS Score
5.3
EPSS Score
0.034
Published
2025-10-10
Powerjob >= 3.20 is vulnerable to SQL injection via the version parameter.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-11-11
An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-08-17