43 matches found
Web Wiz Forums SQL注入漏洞
Web Wiz Forums is a community forum system developed by the British company Web Wiz. Version 12.01 of Web Wiz Forums contains a SQL injection vulnerability. This vulnerability stems from SQL injection in the PF parameters, which could allow unverified attackers to manipulate database queries...
CVE-2025-29864
Protection Mechanism Failure vulnerability in ESTsoft ALZip on Windows allows SmartScreen bypass.This issue affects ALZip: from 12.01 before 12.29...
CVE-2025-29864
Protection Mechanism Failure vulnerability in ESTsoft ALZip on Windows allows SmartScreen bypass.This issue affects ALZip: from 12.01 before 12.29...
EUVD-2025-200731
Protection Mechanism Failure vulnerability in ESTsoft ALZip on Windows allows SmartScreen bypass.This issue affects ALZip: from 12.01 before 12.29...
CVE-2025-29864
ESTsoft ALZip on Windows (versions 12.01 up to 12.29 exclusive) is affected by a Protection Mechanism Failure that allows bypassing the SmartScreen protection. The vulnerability is described consistently across multiple sources (NVD, Red Hat, CNNVD, EUVD, CIRCL, etc.) as a SmartScreen bypass due ...
Estsoft Alzip 安全漏洞
Estsoft Alzip is a compression/decompression application from Estsoft, a Korean company that supports multiple formats. A security vulnerability exists in Estsoft Alzip versions 12.01 through prior to 12.29, which stems from a failure of the SmartScreen protection mechanism and may result in...
CVE-2024-25514
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the templateid parameter at /SysManage/wftemplatechildfieldlist.aspx...
CVE-2024-25527
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /PersonalAffair/worklogtemplateshow.aspx...
CVE-2024-25531
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the PageID parameter at /WebUtility/SearchCondiction.aspx...
CVE-2024-25518
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the templateid parameter at /WorkFlow/wfgetfieldsapprove.aspx...
CVE-2024-25517
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the tbTable argument at /WebUtility/MF.aspx...
CVE-2024-25511
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /AddressBook/addresspublicnew.aspx...
CVE-2024-25509
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the sysfilestorageid parameter at /WorkFlow/wffiledownload.aspx...
CVE-2024-25529
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /WorkFlow/wfofficefilehistoryshow.aspx...
RuvarOA idlist Parameter SQL Injection Vulnerability
RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which is caused by a lack of validation of the idlist parameter of the /WorkFlow/wfworkprint.aspx file against externally entered SQL statements. An attacker can exploit this...
CVE-2024-25524
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the sysfilestorageid parameter at /WorkPlan/WorkPlanAttachDownLoad.aspx...
PT-2024-20978 · Ruvaroa · Ruvaroa
Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the tbTable argument at the "/WebUtility/MF.aspx" API endpoint. Recommendations: For versions 6.01...
RuvarOA 安全漏洞
RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the lack of validation of the templateid parameter of the /WorkFlow/wfgetfieldsapprove.aspx file against externally entered SQL statements. An attacker ca...
RuvarOA 安全漏洞
RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which is caused by the lack of validation of the tbTable parameter in the /WebUtility/MF.aspx file against externally entered SQL statements. An attacker can exploit this...
RuvarOA 安全漏洞
RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the lack of validation of external SQL statements in the PageID parameter of the /WebUtility/getfindcondiction.aspx file. An attacker can exploit this...