18 matches found
Hardcoded credentials
Le-yan Personnel and Salary Management System has hard-coded database account and password within the website source code. An unauthenticated remote attacker can access, modify system data or disrupt service...
CVE-2022-38116
The CVE-2022-38116 entry concerns Le-yan Personnel and Salary Management System with hard-coded database credentials in the website source code, as documented across multiple sources (NVD/NVD-derived listings and CWE-style summaries). The root cause is embedded static credentials within the appli...
CVE-2022-38116
Le-yan Personnel and Salary Management System has hard-coded database account and password within the website source code. An unauthenticated remote attacker can access, modify system data or disrupt service...
PT-2022-24210 · Unknown · Le-Yan Personnel/Salary Management System
Name of the Vulnerable Software and Affected Versions: Le-yan Personnel and Salary Management System affected versions not specified Description: The issue concerns hard-coded database account and password within the website source code. This allows an unauthenticated remote attacker to access,...
Le-yan Personnel and Salary Management System 信任管理问题漏洞
Le-yan Personnel and Salary Management System is a personnel and salary management system from Le-yan, a Chinese company. A security vulnerability exists in the Le-yan Personnel and Salary Management System, which originates from having hard-coded database accounts and passwords in the site sourc...
CVE-2022-22055
The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator’s privilege and perform arbitrary operations on the system or disrupt service...
CVE-2022-22055
The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator’s privilege and perform arbitrary operations on the system or disrupt service...
CVE-2022-22056
The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire administrator’s privilege and control the system or disrupt service...
CVE-2022-22056
The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire administrator’s privilege and control the system or disrupt service...
Sql injection
The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator’s privilege and perform arbitrary operations on the system or disrupt service...
Hardcoded credentials
The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire administrator’s privilege and control the system or disrupt service...
CVE-2022-22056
Affected product: Le-Yan Dental Management System (Le-Yan, China). Vulnerability type: hard-coded credentials in the web page source, leading to an unauthenticated remote attacker gaining administrator privileges and potentially taking control or disrupting services. Root cause: credential hard-c...
CVE-2022-22056 Le-yan Co., Ltd. dental management system - Hard-coded Credentials
The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire administrator’s privilege and control the system or disrupt service...
CVE-2022-22055
CVE-2022-22055 concerns Le-Yan Dental Management System with an SQL injection vulnerability. Multiple connected sources describe an unauthenticated remote attacker exploiting unsanitized SQL in the login input to elevate privileges (admin) and perform arbitrary operations or disrupt service. Root...
CVE-2022-22055 Le-yan Co., Ltd. dental management system - SQL Injection
The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator’s privilege and perform arbitrary operations on the system or disrupt service...
CVE-2022-22055
The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator’s privilege and perform arbitrary operations on the system or disrupt service...
Le-Yan Dental Management System SQL注入漏洞
Le-Yan Dental Management System is a dental management system from Le-Yan, China. sql injection vulnerability exists in Le-Yan Dental Management System, which originates from the application's lack of validation of externally entered SQL statements, and can be exploited by attackers to execute...
Le-Yan Dental Management System 信任管理问题漏洞
Le-Yan Dental Management System is a dental management system from Le-Yan, China. Le-Yan dental management system is vulnerable to a trust management issue, which could be exploited by attackers to gain administrator privileges and take control of the system or disrupt services...