50 matches found
CVE-2026-3969
A vulnerability was detected in FeMiner wms up to 1.0. This impacts an unknown function of the file /wms-master/src/basic/depart/departaddbg.php of the component Basic Organizational Structure Module. Performing a manipulation of the argument Name results in sql injection. The attack may be...
CVE-2026-3969 FeMiner wms Basic Organizational Structure depart_add_bg.php sql injection
A vulnerability was detected in FeMiner wms up to 1.0. This impacts an unknown function of the file /wms-master/src/basic/depart/departaddbg.php of the component Basic Organizational Structure Module. Performing a manipulation of the argument Name results in sql injection. The attack may be...
CVE-2026-1059
A security vulnerability has been detected in FeMiner wms up to 9cad1f1b179a98b9547fd003c23b07c7594775fa. Affected by this vulnerability is an unknown functionality of the file /src/chkuser.php. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried...
CVE-2026-1059
A security vulnerability has been detected in FeMiner wms up to 9cad1f1b179a98b9547fd003c23b07c7594775fa. Affected by this vulnerability is an unknown functionality of the file /src/chkuser.php. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried...
CVE-2026-1059 FeMiner wms chkuser.php sql injection
A security vulnerability has been detected in FeMiner wms up to 9cad1f1b179a98b9547fd003c23b07c7594775fa. Affected by this vulnerability is an unknown functionality of the file /src/chkuser.php. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried...
CVE-2026-1059 FeMiner wms chkuser.php sql injection
A security vulnerability has been detected in FeMiner wms up to 9cad1f1b179a98b9547fd003c23b07c7594775fa. Affected by this vulnerability is an unknown functionality of the file /src/chkuser.php. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried...
CVE-2021-33949
An issue in FeMiner WMS v1.1 allows attackers to execute arbitrary code via the filename parameter and the exec function...
EUVD-2025-4147
Malicious code in bioql PyPI...
EUVD-2025-4144
Malicious code in bioql PyPI...
EUVD-2021-29852
Malicious code in bioql PyPI...
EUVD-2022-51628
Malicious code in bioql PyPI...
CVE-2022-4272
A vulnerability, which was classified as critical, has been found in FeMiner wms. Affected by this issue is some unknown functionality of the file /product/savenewproduct.php?flag=1. The manipulation of the argument upfile leads to unrestricted upload. The attack may be launched remotely. The...
FeMiner wms iquel_inout_item.php file SQL injection vulnerability
FeMiner wms is a warehouse management system for Chinese front-end miners FeMiner individual developers. A SQL injection vulnerability exists in FeMiner wms version 1.0, which stems from the lack of validation of externally entered SQL statements in iquelinoutitem.php. An attacker can exploit thi...
FeMiner wms id parameter SQL injection vulnerability
FeMiner wms is a warehouse management system for Chinese front-end miners FeMiner individual developers. A SQL injection vulnerability exists in FeMiner wms version 1.0, which stems from the lack of validation of the date1, date2, id parameters against externally entered SQL statements. An attack...
CVE-2025-25993
SQL Injection vulnerability in FeMiner wms wms 1.0 allows a remote attacker to obtain sensitive information via the parameter "itemid."...
CVE-2025-25997
Directory Traversal vulnerability in FeMiner wms v.1.0 allows a remote attacker to obtain sensitive information via the databak.php component...
CVE-2025-25994
SQL Injection vulnerability in FeMiner wms wms 1.0 allows a remote attacker to obtain sensitive information via the parameters date1, date2, id...
CVE-2025-25997
Directory Traversal vulnerability in FeMiner wms v.1.0 allows a remote attacker to obtain sensitive information via the databak.php component...
CVE-2025-25992
SQL Injection vulnerability in FeMiner wms 1.0 allows a remote attacker to obtain sensitive information via the inquireinoutitem.php component...
CVE-2025-25994
SQL Injection vulnerability in FeMiner wms wms 1.0 allows a remote attacker to obtain sensitive information via the parameters date1, date2, id...