4 matches found
EUVD-2023-58526
Malicious code in bioql PyPI...
JSA10462 - Cross-site scripting issue with file browsing upload page
Problem A cross-site scripting XSS vulnerability was identified in the PCS / PPS file browsing upload page during a routine security scan. Specifically, this URL is called when a user attempts to upload a set of files. A malicious URL can be crafted with a bad payload that could allow unauthorize...
SQL Injection Vulnerability in Digital Campus Management System type=Detail&FileId Parameter of Shanghai Pengda Computer System Development Co.
The digital campus system of Shanghai Pengda Computer System Development Co., Ltd. is a technology platform using .NET+SqlServer. NET+SqlServer technology platform. SQL injection vulnerability exists in the Digital Campus Management System/BG/GRBG/FileManage/FileUPload.aspx page of Shanghai Pengd...
SQL Injection Vulnerability in type=Detail&FileId Parameter of Penta Digital Campus System
Penta Digital Campus System is using the technology platform of .NET+SqlServer. A SQL injection vulnerability exists in the /BG/GRBG/FileManage/FileUPload.aspx page of Pangda Digital Campus System. The lack of filtering of the 'id' parameter allows an attacker to exploit the vulnerability to obta...