CVE-2024-24525

An issue in EpointWebBuilder 5.1.0-sp1, 5.2.1-sp1, 5.4.1 and 5.4.2 allows a remote attacker to execute arbitrary code via the infoid parameter of the URL...

EpointWebBuilder Security Vulnerability

EpointWebBuilder is an application from Chinese company Epoint. A security vulnerability exists in EpointWebBuilder that originates from allowing an attacker to execute arbitrary code via the infoid parameter of a URL. Affected products and versions: EpointWebBuilder version 5.1.0-sp1, 5.2.1-sp1,...

SQL Injection Vulnerability in InfoId Parameter of Wave's Government e-Government System

The government e-government system is the social security information system government agencies and institutions information management system civil service management subsystem. Wave's government e-government system InfoId parameter SQL injection vulnerability, attackers can use the vulnerabili...

SQL Injection Vulnerability in 'infoid' Parameter of Wave Software Government System

Wave software government system is an industry informatization application system built on the basis of cloud computing and big data. A SQL injection vulnerability exists in the parameters of the WaveSoft Government System. The lack of filtering of the 'infoid' parameter allows an attacker to...

SQL Injection Vulnerability in InfoId Parameter of Wave Software Administrative Service System

The Administrative Service System ASS is a comprehensive administrative service system that integrates information and consultation, approval and charging, management and coordination, and complaints and supervision. A SQL injection vulnerability exists in the InfoId parameter of the administrati...