4 matches found
EUVD-2022-55964
Weaver Fanwei E-cology 9.5 versions prior to 10.52 contain an arbitrary file read vulnerability in the XmlRpcServlet interface at the XML-RPC endpoint that allows unauthenticated remote attackers to read arbitrary files by supplying file paths to the WorkflowService.getAttachment and...
SQL Injection Vulnerability in Panmicro e-cology OA System
Panmicro Collaborative Management Application Platform e-cology is a collaborative business platform with enterprise information portal, knowledge management, data center, workflow management, human resource management, customer and partner management, project management, financial management, an...
XML Entity Injection Vulnerability in Panmicro E-cology
Panmicro Collaborative Management Application Platform e-cology is a collaborative business platform with enterprise information portal, knowledge management, data center, workflow management, human resource management, customer and partner management, project management, financial management, an...
Panmicro e-cology v8 SQL Injection Vulnerability
Panmicro collaborative management application platform e-cology is a set of collaborative business platform. A SQL injection vulnerability exists in the id parameter of the Panmicro e-cology oa system/hrm/resource/HrmResourceContactEdit.jsp page, which allows an attacker to elevate the privileges...