129 matches found
CVE-2024-28077
A denial-of-service issue was discovered on certain GL-iNet devices. Some websites can detect devices exposed to the external network through DDNS, and consequently obtain the IP addresses and ports of devices that are exposed. By using special usernames and special characters such as half...
CVE-2024-32238
H3C ER8300G2-X is vulnerable to Incorrect Access Control. The password for the router's management system can be accessed via the management system page login interface...
VulnCheck KEV: CVE-2023-5830
A vulnerability classified as critical has been found in ColumbiaSoft Document Locator. This affects an unknown part of the file /api/authentication/login of the component WebTools. The manipulation of the argument Server leads to improper authentication. It is possible to initiate the attack...
CVE-2023-6655
A vulnerability, which was classified as critical, has been found in Hongjing e-HR 2020. Affected by this issue is some unknown functionality of the file /wselfservice/oauthservlet/%2e./.%2e/general/inform/org/loadhistroyorgtree of the component Login Interface. The manipulation of the argument...
Sql injection
A vulnerability, which was classified as critical, has been found in Hongjing e-HR 2020. Affected by this issue is some unknown functionality of the file /wselfservice/oauthservlet/%2e./.%2e/general/inform/org/loadhistroyorgtree of the component Login Interface. The manipulation of the argument...
CVE-2023-6655 Hongjing e-HR Login Interface loadhistroyorgtree sql injection
A vulnerability, which was classified as critical, has been found in Hongjing e-HR 2020. Affected by this issue is some unknown functionality of the file /wselfservice/oauthservlet/%2e./.%2e/general/inform/org/loadhistroyorgtree of the component Login Interface. The manipulation of the argument...
CVE-2023-6655 Hongjing e-HR Login Interface loadhistroyorgtree sql injection
A vulnerability, which was classified as critical, has been found in Hongjing e-HR 2020. Affected by this issue is some unknown functionality of the file /wselfservice/oauthservlet/%2e./.%2e/general/inform/org/loadhistroyorgtree of the component Login Interface. The manipulation of the argument...
CVE-2023-6655
CVE-2023-6655 affects Hongjing e-HR 2020. The vulnerability resides in the Login Interface, specifically the file path …/loadhistroyorgtree, where manipulating the parameter parentid leads to a SQL injection . The issue is described as exploitable remotely and publicly disclosed (VDB-247358). Som...
ColumbiaSoft Document Locator Security Vulnerability
ColumbiaSoft Document Locator is a document management system from ColumbiaSoft. A security vulnerability exists in ColumbiaSoft Document Locator versions prior to 7.2 SP4, which stems from the parameter Server in file/api/authentication/login can lead to incorrect authentication...
HANSUNCMS SQL Injection Vulnerability
HANSUNCMS is a website builder system from China HANSUN Technology HANSUN Company. HANSUNCMS v1.0 version of the existence of security vulnerabilities, the vulnerability stems from the component / ajax / ajaxlogin.ashx found to contain SQL injection vulnerability...
Ruijie Networks RG-EW1200G 授权问题漏洞
The Ruijie Networks RG-EW1200G is a wireless router from Ruijie Networks China. An authorization issue vulnerability exists in the Ruijie Networks RG-EW1200G, which stems from improper authentication in file/api/sys/login...
CVE-2022-26189
TOTOLINK N600R V4.3.0cu.7570B20200620 was discovered to contain a command injection vulnerability via the langType parameter in the login interface...
CVE-2022-26189
TOTOLINK N600R V4.3.0cu.7570B20200620 was discovered to contain a command injection vulnerability via the langType parameter in the login interface...
Command injection
TOTOLINK N600R V4.3.0cu.7570B20200620 was discovered to contain a command injection vulnerability via the langType parameter in the login interface...
Solarwinds Serv-U Web Client 输入验证错误漏洞
The Solarwinds Serv-U Web Client is an HTTP-based file transfer client from SolarWinds USA that is available to all users on licensed Serv-U file servers. An input validation error vulnerability exists in the Solarwinds Serv-U Web Client that stems from the Serv-U web login interface allowing...
Openvpn OpenVPN 跨站脚本漏洞
Openvpn OpenVPN is a software package from OpenVPN Openvpn Inc. that creates encrypted virtual private network VPN tunnels that use the OpenSSL library to encrypt data and control information and allow the created VPN to be authenticated using a public key, an electronic certificate, or a...
Vmware Workspace One 信息泄露漏洞
Vmware Vmware Workspace One is a platform for supporting cross-device applications for rapid delivery and management of applications from Vmware, USA. The platform, which includes VMware Horizon and VMware Horizon Cloud, integrates access control, application management, and multi-platform endpoi...
Logic Flaw Vulnerability in the Backend Management Login Interface of Angel School Training Website System
Angel school training website system is an open source website management system. Angel school training website system back-end management login interface has a logic flaw vulnerability that can be exploited by an attacker to violently break the administrator's password...
SQL Injection Vulnerability in the Login Interface of BodaTech Enterprise Website Management System
Liaocheng Boda Network Technology Co., Ltd. is mainly engaged in developing commercial websites. SQL injection vulnerability exists in the login interface of Boda's enterprise website management system, which can be exploited by attackers to obtain database information...
Logic Flaw Vulnerability in eXtplorer Login Interface
eXtplorer is a file management based on PHP and ExtJS development of the text based on PHP and ExtJS development of the file management of the file management device manager . A logic flaw vulnerability exists in the eXtplorer login interface, which can be exploited by an attacker to gain server...