448 matches found
PT-2024-36568
Name of the Vulnerable Software and Affected Versions Vanna library affected versions not specified Description The Vanna library is affected by a remote code execution issue due to prompt injection. This allows an attacker to alter the prompt function used for visualized results and run arbitrar...
J2EEFAST ProcessDefinitionMapper.xml File SQL Injection Vulnerability
J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from ProcessDefinitionMapper.xml findPag...
RuvarOA id parameter SQL injection vulnerability (CNVD-2024-33625)
RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the id parameter of the /WorkFlow/wfofficefilehistoryshow.aspx file, which lacks validation of externally entered SQL statements. An attacker can exploit...
J2EEFAST findApplyedTasksPage function SQL injection vulnerability
J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2eeFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from BpmTaskMapper.xml...
J2EEFAST myProcessList function SQL injection vulnerability
J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the myProcessList function of the...
Student Record System login.php File SQL Injection Vulnerability
Student Record System is a software application. Student Record System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the id/password parameter of the file /login.php. An attacker can exploit this vulnerability to...
Simple School Managment System SQL Injection Vulnerability (CNVD-2024-14040)
Simple School Managment System is Code-projects open source a simple school management system . Simple School Managment System version 1.0 SQL injection vulnerability , the vulnerability stems from the application lack of validation of external input SQL statement , an attacker can exploit the...
Simple School Managment System SQL Injection Vulnerability (CNVD-2024-14039)
Simple School Managment System is Code-projects open source a simple school management system . Simple School Managment System version 1.0 SQL injection vulnerability , the vulnerability stems from the application lack of validation of external input SQL statement , an attacker can exploit the...
Simple School Managment System SQL Injection Vulnerability (CNVD-2024-14036)
Simple School Managment System is Code-projects open source a simple school management system . Simple School Managment System version 1.0 SQL injection vulnerability , the vulnerability stems from the application lack of validation of external input SQL statement , an attacker can exploit the...
Simple School Managment System SQL Injection Vulnerability
Simple School Managment System is Code-projects open source a simple school management system . Simple School Managment System version 1.0 SQL injection vulnerability , the vulnerability stems from the application lack of validation of external input SQL statement , an attacker can exploit the...
Simple School Managment System SQL Injection Vulnerability (CNVD-2024-14038)
Simple School Managment System is Code-projects open source a simple school management system . Simple School Managment System version 1.0 SQL injection vulnerability , the vulnerability stems from the application lack of external input SQL statement validation , an attacker can exploit the...
Simple School Managment System SQL Injection Vulnerability (CNVD-2024-14035)
Simple School Managment System is Code-projects open source a simple school management system . Simple School Managment System version 1.0 SQL injection vulnerability , the vulnerability stems from the application lack of validation of external input SQL statement , an attacker can exploit the...
The vulnerability of the corporate version of the GitHub Enterprise Server, related to the use of external management input for class selection, allows a perpetrator to execute arbitrary code.
The vulnerability of the corporate version of the GitHub Enterprise Server is related to the use of external management input data for class selection. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
CVE-2023-45722
HCL DRYiCE MyXalytics is impacted by path traversal arbitrary file read vulnerability because it uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory. The product does not properly neutralize special...
CVE-2023-45722
HCL DRYiCE MyXalytics is impacted by path traversal arbitrary file read vulnerability because it uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory. The product does not properly neutralize special...
Path traversal
HCL DRYiCE MyXalytics is impacted by path traversal arbitrary file read vulnerability because it uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory. The product does not properly neutralize special...
CVE-2023-45722 Path Traversal Arbitrary File Read affects DRYiCE MyXalytics
HCL DRYiCE MyXalytics is impacted by path traversal arbitrary file read vulnerability because it uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory. The product does not properly neutralize special...
PT-2024-13277 · Hcl · Hcl Dryice Myxalytics
Name of the Vulnerable Software and Affected Versions: HCL DRYiCE MyXalytics affected versions not specified Description: The issue is related to a path traversal arbitrary file read vulnerability. It occurs because the product uses external input to construct a pathname intended to identify a fi...
Apache Cocoon SQL注入漏洞
Apache Cocoon is the United States Apache Apache Foundation of a component-based Web development concepts built Web application framework. Apache Cocoon suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacke...
RHEL 8 : emacs (RHSA-2023:7083)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7083 advisory. GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp,...