HCL Leap 安全漏洞

HCL Leap is a low-code development platform from HCL India. HCL Leap has a security vulnerability that stems from an insufficient whitelisting of the URI protocol, which allows scripts to be injected via query parameters...

HCL Leap 安全漏洞

HCL Leap is a low-code development platform from HCL India. HCL Leap suffers from a security vulnerability that stems from the lack of a no cache header, which could lead to sensitive data being cached...

Scriptcase 安全漏洞

Scriptcase is a low-code platform for rapid application development from Scriptcase, Inc. A security vulnerability exists in Scriptcase v9.10.023 and earlier versions that stems from vulnerability to cross-site scripting XSS attacks...

MindsDB Cross-Site Scripting Vulnerability (CNVD-2024-26182)

MindsDB is an emerging low-code machine learning platform from MindsDB, Inc. MindsDB suffers from a cross-site scripting vulnerability. The vulnerability stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute...

jeecg-boot Security Vulnerabilities

Jeecg-Boot is a code generator based low-code platform from the JeecgBoot community. A security vulnerability exists in jeecg-boot version v.3.6.0, which stems from the presence of a directory traversal vulnerability. An attacker can exploit the vulnerability to obtain sensitive information throu...

Command Execution Vulnerability in JeecgBoot of Beijing Oberweis Technology Co.

JeecgBoot is an enterprise-grade, low-code platform. JeecgBoot has a command execution vulnerability that can be exploited by an attacker to gain control of the server...

Microsoft Power Apps 安全漏洞

Microsoft Power Apps is a low-code development platform from Microsoft Corporation USA designed to help users easily build customized enterprise applications. A security vulnerability exists in Microsoft Power Apps. An attacker exploited the vulnerability to perform spoofing attacks...

Microsoft Power Apps 安全漏洞

Microsoft Power Apps is a low-code development platform from Microsoft Corporation USA designed to help users easily build customized enterprise-class applications. A security vulnerability exists in Microsoft Power Apps that stems from the presence of a spoofing vulnerability...

CVE-2023-29010

CVE-2023-29010 affects Budibase: versions prior to 2.4.3 are vulnerable to Server-Side Request Forgery (SSRF) that can lead to exposure of an AWS secret key. The advisory notes that Budibase cloud users need to take no action, while self-hosted deployments on public internet with metadata-accessi...

Jeecg-Boot SQL注入漏洞

Jeecg-Boot is a low-code platform based on a code generator from the JeecgBoot community. Jeecg-Boot version 3.5.0 suffers from a SQL injection vulnerability. An attacker can exploit this vulnerability to perform a sql injection attack...

jeecg-boot suffers from a SQL injection vulnerability (CNVD-2022-43846)

JeecgBoot is a low-code BPM-based platform. jeecg-boot suffers from a SQL injection vulnerability that can be exploited by an attacker to obtain sensitive information about a database...

Jeecg-Boot Cross-Site Scripting Vulnerability

Jeecg-Boot is a low-code platform based on the code generator from the JeecgBoot community. Jeecg-Boot 3.0 has a security vulnerability that stems from a cross-site script in /jeecg-boot/jmreport/view that causes a mouse hover event. No details of the vulnerability are currently available...

Siemens Mendix 安全特征问题特征问题漏洞

Siemens Mendix is a low-code application development platform from Siemens, Germany. The platform provides application development, testing, deployment, and iteration capabilities. Siemens Mendix contains a security vulnerability that could be exploited by an attacker to retrieve information abou...

Jeecg-boot SQL Injection Vulnerability

Jeecg-Boot is a low-code platform based on the code generator from the JeecgBoot community. Jeecg-boot is vulnerable to SQL injection, which stems from a code parameter in /sys/user/queryUserComponentData that was found to be vulnerable to SQL injection. No detailed vulnerability details are...

Siemens Mendix Access Check Bypass Vulnerability

Siemens Mendix is a low-code application development platform from Siemens. The platform provides application development, testing, deployment and iteration. A security vulnerability exists in Siemens Mendix, which can be exploited by an attacker to bypass write access checks on properties of the...

Siemens Mendix 安全漏洞

Siemens Mendix is a low-code application development platform from Siemens. The platform provides application development, testing, deployment and iteration. A security vulnerability exists in Siemens Mendix, which can be exploited by an attacker to bypass write access checks on properties of the...

SQL Injection Vulnerability in Jeecg Boot of Beijing Guo Torch Information Technology Co.

Jeecg Boot is a low-code BPM-based platform. A SQL injection vulnerability exists in Jeecg Boot, which can be exploited by an attacker to obtain sensitive database information...

Beijing Guo Torch Information Technology Co. jeecg-boot suffers from SQL injection vulnerability (CNVD-2020-59429)

JeecgBoot is a low-code BPM-based platform. A SQL injection vulnerability exists in Beijing Guo Torch Information Technology Co. jeecg-boot, which can be exploited by an attacker to obtain sensitive information from a database...

Beijing Guo Torch Information Technology Co. jeecg-boot suffers from SQL injection vulnerability (CNVD-2020-59430)

JeecgBoot is a low-code BPM-based platform. A SQL injection vulnerability exists in Beijing Guo Torch Information Technology Co. jeecg-boot, which can be exploited by an attacker to obtain sensitive information from a database...