Lucene search
K

9 matches found

NVD
NVD
added 3 days ago7 views

CVE-2026-14737

A vulnerability was identified in Hanwang e-Face General Management Platform 6.3.5.4. This impacts an unknown function of the file /sysAuthStr/querySysAuthStr.do. The manipulation of the argument order leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly...

7.5CVSS0.00259EPSS
Exploits0References5
Cvelist
Cvelist
added 3 days ago38 views

CVE-2026-14737 Hanwang e-Face General Management Platform querySysAuthStr.do sql injection

A vulnerability was identified in Hanwang e-Face General Management Platform 6.3.5.4. This impacts an unknown function of the file /sysAuthStr/querySysAuthStr.do. The manipulation of the argument order leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly...

7.5CVSS0.00259EPSS
Exploits0References5
CVE
CVE
added 3 days ago12 views

CVE-2026-14737

Hanwang e-Face General Management Platform 6.3.5.4 is affected. The vulnerability resides in the function handling /sysAuthStr/querySysAuthStr.do, where manipulation of the argument order leads to SQL injection. The issue can be triggered remotely, and public exploitation code is available. Explo...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 3 days ago5 views

CVE-2026-14737

A vulnerability was identified in Hanwang e-Face General Management Platform 6.3.5.4. This impacts an unknown function of the file /sysAuthStr/querySysAuthStr.do. The manipulation of the argument order leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-41745

A vulnerability was identified in Hanwang e-Face General Management Platform 6.3.5.4. This impacts an unknown function of the file /sysAuthStr/querySysAuthStr.do. The manipulation of the argument order leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References5
NVD
NVD
added 2026/06/29 9:16 a.m.10 views

CVE-2026-13547

A vulnerability was determined in Hanwang e-Face General Management Platform 6.3.5.4. This issue affects some unknown processing of the file /manage/resourceUpload/upload.do. Executing a manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The...

7.5CVSS0.00278EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/29 7:30 a.m.6 views

EUVD-2026-40047

A vulnerability was determined in Hanwang e-Face General Management Platform 6.3.5.4. This issue affects some unknown processing of the file /manage/resourceUpload/upload.do. Executing a manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The...

7.5CVSS6.8AI score0.00278EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/29 7:30 a.m.32 views

CVE-2026-13547 Hanwang e-Face General Management Platform upload.do unrestricted upload

A vulnerability was determined in Hanwang e-Face General Management Platform 6.3.5.4. This issue affects some unknown processing of the file /manage/resourceUpload/upload.do. Executing a manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The...

7.5CVSS0.00278EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/29 7:30 a.m.7 views

CVE-2026-13547

A vulnerability was determined in Hanwang e-Face General Management Platform 6.3.5.4. This issue affects some unknown processing of the file /manage/resourceUpload/upload.do. Executing a manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The...

7.5CVSS5.5AI score0.00278EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder