220 matches found
CVE-2025-13769
WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-13770 Uniong|WebITR - SQL Injection
WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-13770
CVE-2025-13770 affects WebITR by Uniong. A SQL Injection vulnerability allows authenticated remote attackers to inject arbitrary SQL and read database contents. The issue is documented with CVSS v3.1/4.0 bases (6.5 MEDIUM and 7.1 HIGH, respectively). Affected versions are not specified in the sou...
EUVD-2025-199864
WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
EUVD-2025-199865
WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-13769
CVE-2025-13769 concerns WebITR by Uniong, with a SQL injection vulnerability that, when exploited by authenticated remote attackers, can read database contents. The included sources consistently describe the flaw as a SQL injection affecting WebITR; however, no concrete affected version list or v...
Uniong WebITR SQL注入漏洞
Uniong WebITR is an online time and attendance system from China Kaifa Uniong. Uniong WebITR suffers from a SQL injection vulnerability that originates from SQL injection, which allows remote attackers to inject arbitrary SQL commands to read database contents...
PT-2025-48321
Name of the Vulnerable Software and Affected Versions WebITR versions affected versions not specified Description WebITR, developed by Uniong, contains a SQL Injection issue. Authenticated remote attackers can inject arbitrary SQL commands, potentially allowing them to read database contents. The...
PT-2025-48320
Name of the Vulnerable Software and Affected Versions WebITR versions affected versions not specified Description WebITR developed by Uniong has a SQL Injection issue. Authenticated remote attackers can inject arbitrary SQL commands, potentially allowing them to read database contents. The...
EUVD-2025-197645
Information Disclosure in web-accessible backup file in SourceCodester Simple Online Book Store System allows a remote unauthenticated attacker to disclose full database contents including schema and credential hashes via an unauthenticated HTTP GET request to /obs/database/obsdb.sql...
CVE-2025-63891
Information Disclosure in web-accessible backup file in SourceCodester Simple Online Book Store System allows a remote unauthenticated attacker to disclose full database contents including schema and credential hashes via an unauthenticated HTTP GET request to /obs/database/obsdb.sql...
CVE-2025-13047
Bacteriology Laboratory Reporting System developed by ViewLead Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-13047
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
EUVD-2025-119986
Bacteriology Laboratory Reporting System developed by ViewLead Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-13047
CVE-2025-13047 affects the ViewLead Technology Bacteriology Laboratory Reporting System. The vulnerability is a SQL Injection that allows unauthenticated remote attackers to inject arbitrary SQL and read database contents. Root cause and exact vulnerable component are described as an injection fl...
CVE-2025-13046
The CVE-2025-13046 entry is linked to a SQL Injection vulnerability in ViewLead Technology’s Bacteriology Laboratory Reporting System. Unauthenticated remote attackers can inject arbitrary SQL commands to read database contents. Multiple connected sources confirm the affected product and the impa...
PT-2025-46577
Name of the Vulnerable Software and Affected Versions ViewLead Technology Bacteriology Laboratory Reporting System affected versions not specified Description The Bacteriology Laboratory Reporting System allows unauthenticated remote attackers to inject arbitrary SQL commands, potentially enablin...
EUVD-2025-38732
U-Office Force developed by e-Excellence has a SQL Injection vulnerability, allowing authenticated remote attacker to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2025-12865 e-Excellence|U-Office Force - SQL Injection
U-Office Force developed by e-Excellence has a SQL Injection vulnerability, allowing authenticated remote attacker to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2025-12503
EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...