69 matches found
LinuxKI Toolset <= 6.01 - Remote Command Execution
LinuxKI v6.0-1 and earlier are vulnerable to remote code execution. id: CVE-2020-7209 info: name: LinuxKI Toolset = 6.01 - Remote Command Execution author: dwisiswant0 severity: critical description: LinuxKI v6.0-1 and earlier are vulnerable to remote code execution. impact: | Successful...
Crystal Live HTTP Server 路径遍历漏洞
Crystal Live HTTP Server is a local static web server software developed by the Crystal company. Version 6.01 of Crystal Live HTTP Server contains a path traversal vulnerability. This vulnerability allows remote attackers to access system files by manipulating URL path segments, potentially leadi...
EUVD-2002-2310
Malware in sbrugna...
EUVD-2001-1047
Malware in sbrugna...
CVE-2024-25514
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the templateid parameter at /SysManage/wftemplatechildfieldlist.aspx...
CVE-2024-25527
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /PersonalAffair/worklogtemplateshow.aspx...
CVE-2024-25531
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the PageID parameter at /WebUtility/SearchCondiction.aspx...
CVE-2024-25518
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the templateid parameter at /WorkFlow/wfgetfieldsapprove.aspx...
CVE-2024-25517
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the tbTable argument at /WebUtility/MF.aspx...
CVE-2024-25511
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /AddressBook/addresspublicnew.aspx...
CVE-2024-25509
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the sysfilestorageid parameter at /WorkFlow/wffiledownload.aspx...
CVE-2024-25529
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /WorkFlow/wfofficefilehistoryshow.aspx...
RuvarOA idlist Parameter SQL Injection Vulnerability
RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which is caused by a lack of validation of the idlist parameter of the /WorkFlow/wfworkprint.aspx file against externally entered SQL statements. An attacker can exploit this...
CVE-2024-25524
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the sysfilestorageid parameter at /WorkPlan/WorkPlanAttachDownLoad.aspx...
PT-2024-20978 · Ruvaroa · Ruvaroa
Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the tbTable argument at the "/WebUtility/MF.aspx" API endpoint. Recommendations: For versions 6.01...
RuvarOA 安全漏洞
RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the lack of validation of the templateid parameter of the /WorkFlow/wfgetfieldsapprove.aspx file against externally entered SQL statements. An attacker ca...
RuvarOA 安全漏洞
RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which is caused by the lack of validation of the tbTable parameter in the /WebUtility/MF.aspx file against externally entered SQL statements. An attacker can exploit this...
RuvarOA 安全漏洞
RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the lack of validation of external SQL statements in the PageID parameter of the /WebUtility/getfindcondiction.aspx file. An attacker can exploit this...
PT-2024-20986 · Ruvaroa · Ruvaroa
Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: A SQL injection issue was discovered via the filename parameter at the "/WorkFlow/OfficeFileDownload.aspx" API endpoint. Recommendations: For versions 6.01 through 12.01, consider restricting...
PT-2024-20980 · Ruvaroa · Ruvaroa
Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: A SQL injection issue was discovered via the idlist parameter at the "/WorkFlow/wf work print.aspx" API endpoint. This allows for potential exploitation. Recommendations: For versions 6.01...