67 matches found
CVE-2025-11629
RainyGao DocSys up to version 2.02.36 contains a SQL injection in the getUserList function (/Manage/getUserList.do). The vulnerability allows remote exploitation; exploit information has been disclosed publicly. Multiple sources (Red Hat, EU ENISA, CVE records, and PT Security) consistently ident...
PT-2025-41711
Name of the Vulnerable Software and Affected Versions RainyGao DocSys versions up to 2.02.36 Description A flaw exists in RainyGao DocSys that allows for path traversal. This issue is related to the file /Doc/deleteDoc.do and involves manipulating the path argument. The attack can be initiated...
PT-2025-41710
Name of the Vulnerable Software and Affected Versions RainyGao DocSys versions up to 2.02.36 Description A flaw exists in the File Upload component of RainyGao DocSys. The updateRealDoc function within the /Doc/uploadDoc.do file is susceptible to path traversal due to manipulation of the path...
EUVD-2022-51851
Malicious code in bioql PyPI...
EUVD-2022-51750
Malicious code in bioql PyPI...
EUVD-2022-51761
Malicious code in bioql PyPI...
CVE-2022-4416
A vulnerability was found in RainyGao DocSys. It has been declared as critical. This vulnerability affects the function getReposAllUsers of the file /DocSystem/Repos/getReposAllUsers.do. The manipulation of the argument searchWord/reposId leads to sql injection. The attack can be initiated...
CVE-2022-4402
A vulnerability classified as critical has been found in RainyGao DocSys 2.02.37. This affects an unknown part of the component ZIP File Decompression Handler. The manipulation leads to path traversal: '../filedir'. It is possible to initiate the attack remotely. The exploit has been disclosed to...
CVE-2022-4511
A vulnerability has been found in RainyGao DocSys and classified as critical. Affected by this vulnerability is an unknown functionality of the component com.DocSystem.controller.UserControllergetUserImg. The manipulation leads to path traversal: '../filedir'. The attack can be launched remotely...
CVE-2022-4511
A vulnerability has been found in RainyGao DocSys and classified as critical. Affected by this vulnerability is an unknown functionality of the component com.DocSystem.controller.UserControllergetUserImg. The manipulation leads to path traversal: '../filedir'. The attack can be launched remotely...
Path traversal
A vulnerability has been found in RainyGao DocSys and classified as critical. Affected by this vulnerability is an unknown functionality of the component com.DocSystem.controller.UserControllergetUserImg. The manipulation leads to path traversal: '../filedir'. The attack can be launched remotely...
CVE-2022-4511 RainyGao DocSys path traversal
A vulnerability has been found in RainyGao DocSys and classified as critical. Affected by this vulnerability is an unknown functionality of the component com.DocSystem.controller.UserControllergetUserImg. The manipulation leads to path traversal: '../filedir'. The attack can be launched remotely...
CVE-2022-4511 RainyGao DocSys path traversal
A vulnerability has been found in RainyGao DocSys and classified as critical. Affected by this vulnerability is an unknown functionality of the component com.DocSystem.controller.UserControllergetUserImg. The manipulation leads to path traversal: '../filedir'. The attack can be launched remotely...
PT-2022-27404 · Unknown · Rainygao Docsys
Name of the Vulnerable Software and Affected Versions: RainyGao DocSys affected versions not specified Description: A critical issue has been found in RainyGao DocSys, affecting an unknown functionality of the component com.DocSystem.controller.UserControllergetUserImg. The manipulation leads to...
CVE-2022-4511
The CVE-2022-4511 entry pertains to RainyGao DocSys. The vulnerability affects the component com.DocSystem.controller.UserController#getUserImg and enables a path traversal via ../filedir. It is described as remote-exploitable and classified as critical/high impact across multiple sources, with e...
CVE-2022-4416
A vulnerability was found in RainyGao DocSys. It has been declared as critical. This vulnerability affects the function getReposAllUsers of the file /DocSystem/Repos/getReposAllUsers.do. The manipulation of the argument searchWord/reposId leads to sql injection. The attack can be initiated...
Sql injection
A vulnerability was found in RainyGao DocSys. It has been declared as critical. This vulnerability affects the function getReposAllUsers of the file /DocSystem/Repos/getReposAllUsers.do. The manipulation of the argument searchWord/reposId leads to sql injection. The attack can be initiated...
CVE-2022-4416 RainyGao DocSys getReposAllUsers.do getReposAllUsers sql injection
A vulnerability was found in RainyGao DocSys. It has been declared as critical. This vulnerability affects the function getReposAllUsers of the file /DocSystem/Repos/getReposAllUsers.do. The manipulation of the argument searchWord/reposId leads to sql injection. The attack can be initiated...
PT-2022-27127 · Unknown · Rainygao Docsys
Name of the Vulnerable Software and Affected Versions: RainyGao DocSys affected versions not specified Description: A critical issue has been identified, affecting the getReposAllUsers function of the file /DocSystem/Repos/getReposAllUsers.do. The manipulation of the searchWord/reposId argument...
CVE-2022-4416 RainyGao DocSys getReposAllUsers.do getReposAllUsers sql injection
A vulnerability was found in RainyGao DocSys. It has been declared as critical. This vulnerability affects the function getReposAllUsers of the file /DocSystem/Repos/getReposAllUsers.do. The manipulation of the argument searchWord/reposId leads to sql injection. The attack can be initiated...