36 matches found
PT-2025-49514
Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-13770
WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-13770
WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-13769
WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-13770 Uniong|WebITR - SQL Injection
WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-13770
CVE-2025-13770 affects WebITR by Uniong. A SQL Injection vulnerability allows authenticated remote attackers to inject arbitrary SQL and read database contents. The issue is documented with CVSS v3.1/4.0 bases (6.5 MEDIUM and 7.1 HIGH, respectively). Affected versions are not specified in the sou...
EUVD-2025-199865
WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
Uniong WebITR SQL注入漏洞
Uniong WebITR is an online time and attendance system from China Kaifa Uniong. Uniong WebITR suffers from a SQL injection vulnerability that originates from SQL injection, which allows remote attackers to inject arbitrary SQL commands to read database contents...
PT-2025-48320
Name of the Vulnerable Software and Affected Versions WebITR versions affected versions not specified Description WebITR developed by Uniong has a SQL Injection issue. Authenticated remote attackers can inject arbitrary SQL commands, potentially allowing them to read database contents. The...
CVE-2025-13047
CVE-2025-13047 affects the ViewLead Technology Bacteriology Laboratory Reporting System. The vulnerability is a SQL Injection that allows unauthenticated remote attackers to inject arbitrary SQL and read database contents. Root cause and exact vulnerable component are described as an injection fl...
CVE-2025-8858
CVE-2025-8858 concerns the Clinic Image System developed by Changing. The connected documents confirm a SQL Injection vulnerability that enables unauthenticated remote attackers to inject arbitrary SQL to read database contents. No explicit affected versions or fixed/patch information are provide...
CVE-2025-8858 Changing|Clinic Image System - SQL Injection
Clinic Image System developed by Changing has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-9255
WebITR developed by Uniong has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-9255 Uniong|WebITR - SQL Injection
WebITR developed by Uniong has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-8914
Organization Portal System developed by WellChoose has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-3707
The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing remote attackers with regular privileges to inject arbitrary SQL command to read database contents...