Lucene search
K

279 matches found

CNNVD
CNNVD
added 2023/08/26 12:0 a.m.2 views

IBOS SQL注入漏洞

IBOS is a collaborative office management system. A SQL injection vulnerability exists in IBOS OA version 4.5.5, which stems from the fact that the file ?r=recruit/bgchecks/export&checkids=x causes sql injection...

9.8CVSS7.1AI score0.00744EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/08/26 12:0 a.m.3 views

PT-2023-29552 · Ibos Oa · Ibos Oa

Name of the Vulnerable Software and Affected Versions: IBOS OA version 4.5.5 Description: A critical issue has been found in IBOS OA, affecting an unknown function of the file ?r=recruit/bgchecks/export&checkids=x. This issue leads to sql injection and can be exploited remotely. The exploit has...

9.8CVSS6.7AI score0.00744EPSS
Exploits1References8
OSV
OSV
added 2023/08/25 10:15 p.m.4 views

CVE-2023-4543

A vulnerability was found in IBOS OA 4.5.5. It has been declared as critical. This vulnerability affects unknown code of the file ?r=recruit/contact/export&contactids=x. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and...

9.8CVSS5.6AI score0.00799EPSS
Exploits1References3
Prion
Prion
added 2023/08/25 10:15 p.m.22 views

Sql injection

A vulnerability was found in IBOS OA 4.5.5. It has been declared as critical. This vulnerability affects unknown code of the file ?r=recruit/contact/export&contactids=x. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and...

6.5CVSS9.6AI score0.00799EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/08/25 9:31 p.m.22 views

CVE-2023-4543 IBOS OA export&contactids=x sql injection

A vulnerability was found in IBOS OA 4.5.5. It has been declared as critical. This vulnerability affects unknown code of the file ?r=recruit/contact/export&contactids=x. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and...

6.5CVSS9.9AI score0.00799EPSS
Exploits1References3
CVE
CVE
added 2023/08/25 9:31 p.m.50 views

CVE-2023-4543

The CVE-2023-4543 entry concerns IBOS OA 4.5.5 with a SQL injection in the file component identified as ?r=recruit/contact/export&contactids=x. Affected software is IBOS OA 4.5.5; underlying issue is input handling in that resource leading to unauthorized data manipulation. The vulnerability is r...

9.8CVSS8.3AI score0.00799EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/08/25 12:0 a.m.5 views

PT-2023-29550 · Ibos Oa · Ibos Oa

Name of the Vulnerable Software and Affected Versions: IBOS OA version 4.5.5 Description: A critical vulnerability was found in IBOS OA, affecting unknown code of the file ?r=recruit/contact/export&contactids=x. The manipulation leads to sql injection. The attack can be initiated remotely. The...

9.8CVSS6.9AI score0.00799EPSS
Exploits1References8
CNNVD
CNNVD
added 2023/08/25 12:0 a.m.2 views

IBOS SQL注入漏洞

IBOS is a collaborative office management system. A SQL injection vulnerability exists in IBOS OA version 4.5.5, which stems from the fact that the file ?r=recruit/contact/export&contactids=x causes sql injection...

9.8CVSS7.1AI score0.00799EPSS
Exploits1References4
OSV
OSV
added 2023/07/22 7:15 a.m.6 views

CVE-2023-3826

A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /?r=recruit/resume/edit&op=status of the component Interview Handler. The manipulation of the argument resumeid leads to sql injection. The attack can...

9.8CVSS5.7AI score0.00567EPSS
Exploits0References3
NVD
NVD
added 2023/07/22 7:15 a.m.17 views

CVE-2023-3826

A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /?r=recruit/resume/edit&op=status of the component Interview Handler. The manipulation of the argument resumeid leads to sql injection. The attack can...

9.8CVSS7.4AI score0.00567EPSS
Exploits0References3
Prion
Prion
added 2023/07/22 7:15 a.m.20 views

Sql injection

A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /?r=recruit/resume/edit&op=status of the component Interview Handler. The manipulation of the argument resumeid leads to sql injection. The attack can...

6.5CVSS9.6AI score0.00567EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/07/22 6:27 a.m.25 views

CVE-2023-3826 IBOS OA Interview edit&op=status sql injection

A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /?r=recruit/resume/edit&op=status of the component Interview Handler. The manipulation of the argument resumeid leads to sql injection. The attack can...

6.5CVSS9.9AI score0.00567EPSS
Exploits0References3
CVE
CVE
added 2023/07/22 6:27 a.m.155 views

CVE-2023-3826

CVE-2023-3826 affects IBOS OA 4.5.5 in the Interview Handler component, via the file path /?r=recruit/resume/edit&op=status where manipulating the resumeid parameter yields a SQL injection. The issue is exploitable remotely and can impact confidentiality, integrity, and availability as described ...

9.8CVSS8.3AI score0.00567EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/07/22 12:0 a.m.5 views

PT-2023-26338 · Ibos Oa · Ibos Oa

Name of the Vulnerable Software and Affected Versions: IBOS OA version 4.5.5 Description: A critical issue has been found in the Interview Handler component, specifically in the file /api/v1/recruit/resume/edit&op=status. The manipulation of the resumeid argument leads to SQL injection. This issu...

9.8CVSS7.2AI score0.00567EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/07/22 12:0 a.m.5 views

IBOS SQL注入漏洞

IBOS is a collaborative office management system. A SQL injection vulnerability exists in IBOS OA version 4.5.5, which originates from the presence of an unknown function in the file /?r=recruit/resume/edit&op=status in the component Interview Handler, which leads to a sql injection via the...

9.8CVSS7AI score0.00567EPSS
Exploits0References4
NVD
NVD
added 2023/07/21 12:15 a.m.23 views

CVE-2023-3801

A vulnerability was found in IBOS OA 4.5.5. It has been declared as critical. Affected by this vulnerability is the function actionEdit of the file ?r=officialdoc/officialdoc/edit of the component Mobile Notification Handler. The manipulation leads to sql injection. The exploit has been disclosed...

9.8CVSS6.8AI score0.006EPSS
Exploits0References4
Prion
Prion
added 2023/07/21 12:15 a.m.26 views

Sql injection

A vulnerability was found in IBOS OA 4.5.5. It has been declared as critical. Affected by this vulnerability is the function actionEdit of the file ?r=officialdoc/officialdoc/edit of the component Mobile Notification Handler. The manipulation leads to sql injection. The exploit has been disclosed...

5.2CVSS9.6AI score0.006EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2023/07/20 11:31 p.m.29 views

CVE-2023-3801 IBOS OA Mobile Notification edit actionEdit sql injection

A vulnerability was found in IBOS OA 4.5.5. It has been declared as critical. Affected by this vulnerability is the function actionEdit of the file ?r=officialdoc/officialdoc/edit of the component Mobile Notification Handler. The manipulation leads to sql injection. The exploit has been disclosed...

5.5CVSS9.9AI score0.006EPSS
Exploits0References4
CVE
CVE
added 2023/07/20 11:31 p.m.61 views

CVE-2023-3801

IBOS OA 4.5.5 is affected by a SQL injection in the Mobile Notification Handler’s actionEdit function (file ?r=officialdoc/officialdoc/edit). The issue is publicly disclosed and the vendor has not responded. A practical workaround from PT Security recommends disabling the actionEdit function or r...

9.8CVSS7.8AI score0.006EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/07/20 11:15 p.m.5 views

CVE-2023-3799

A vulnerability was found in IBOS OA 4.5.5 and classified as critical. This issue affects some unknown processing of the file ?r=article/category/del of the component Delete Category Handler. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been...

9.8CVSS5.6AI score0.00645EPSS
Exploits1References3
Rows per page
Query Builder