8 matches found
Fanwei e-cology - SQL Injection
Fanwei e-cology 8.0 contains a sql injection caused by unsanitized user input in the sql parameter of getdata.jsp, letting unauthenticated attackers execute arbitrary SQL queries and access sensitive data. id: CVE-2025-34038 info: name: Fanwei e-cology - SQL Injection author: ritikchaddha severit...
EUVD-2025-19038
Malicious code in bioql PyPI...
CVE-2025-34038
A SQL injection vulnerability exists in Weaver E-cology 8.0 via the getdata.jsp endpoint. The application directly passes unsanitized user input from the sql parameter into a database query within the getSelectAllIdssql, type method, reachable through the cmd=getSelectAllId workflow in the...
CVE-2025-34038
A SQL injection vulnerability exists in Weaver E-cology 8.0 via the getdata.jsp endpoint. The application directly passes unsanitized user input from the sql parameter into a database query within the getSelectAllIdssql, type method, reachable through the cmd=getSelectAllId workflow in the...
CVE-2025-34038 Weaver E-cology SQL Injection
A SQL injection vulnerability exists in Weaver E-cology 8.0 via the getdata.jsp endpoint. The application directly passes unsanitized user input from the sql parameter into a database query within the getSelectAllIdssql, type method, reachable through the cmd=getSelectAllId workflow in the...
CVE-2025-34038 Weaver E-cology SQL Injection
A SQL injection vulnerability exists in Weaver E-cology 8.0 via the getdata.jsp endpoint. The application directly passes unsanitized user input from the sql parameter into a database query within the getSelectAllIdssql, type method, reachable through the cmd=getSelectAllId workflow in the...
CVE-2025-34038
Weaver e-cology 8.0 is affected by a SQL injection in getdata.jsp via the unsanitized sql parameter, exploited through the getSelectAllIds(sql, type) workflow in AjaxManager. Unauthenticated attackers can run arbitrary SQL queries and may access sensitive data (e.g., administrator password hashes...
PT-2025-26669 · Fanwei · Fanwei E-Cology
Name of the Vulnerable Software and Affected Versions: Fanwei e-cology versions 8.0 and prior Description: A SQL injection issue exists, allowing unauthenticated attackers to execute arbitrary SQL queries via the "getdata.jsp" endpoint. The application passes unsanitized user input from the sql...