14 matches found
EUVD-2024-22855
Malicious code in bioql PyPI...
CVE-2024-25515
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the sysfilestorageid parameter at /WorkFlow/wfworkfinishfiledown.aspx...
CVE-2024-25519
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the idlist parameter at /WorkFlow/wfworkprint.aspx...
PT-2024-20994 · Ruvaroa · Ruvaroa
Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: A SQL injection issue was discovered via the bt id parameter at the "/include/get dict.aspx" API endpoint. This allows for potential exploitation. No information is provided about the estimated...
PT-2024-20983 · Ruvaroa · Ruvaroa
Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: A SQL injection issue was discovered via the office missive id parameter at the "/WorkFlow/wf work form save.aspx" API endpoint. This allows attackers to inject malicious SQL. Recommendations:...
PT-2024-20980 · Ruvaroa · Ruvaroa
Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: A SQL injection issue was discovered via the idlist parameter at the "/WorkFlow/wf work print.aspx" API endpoint. This allows for potential exploitation. Recommendations: For versions 6.01...
PT-2024-20993 · Ruvaroa · Ruvaroa
Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: The issue is related to a SQL injection vulnerability. It can be exploited via the PageID parameter at the "/WebUtility/SearchCondiction.aspx" API endpoint. Recommendations: For versions 6.01...
PT-2024-20992 · Ruvaroa · Ruvaroa
Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the PageID parameter at the "/WebUtility/get find condiction.aspx" API endpoint. Recommendations:...
CVE-2024-25507
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the emailattachid parameter at /LHMail/AttachDown.aspx...
CVE-2024-25512
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the attachid parameter at /Bulletin/AttachDownLoad.aspx...
PT-2024-20974 · Ruvaroa · Ruvaroa
Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: A SQL injection issue was discovered via the attach id parameter at the "/Bulletin/AttachDownLoad.aspx" API endpoint. This allows for potential exploitation. Recommendations: For versions 6.01...
PT-2024-20969 · Ruvaroa · Ruvaroa
Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the email attach id parameter at the "/LHMail/AttachDown.aspx" API endpoint. Recommendations: For...
PT-2024-20975 · Ruvaroa · Ruvaroa
Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the file id parameter at the "/CorporateCulture/kaizen download.aspx" API endpoint. Recommendation...
PT-2024-20971 · Ruvaroa · Ruvaroa
Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the sys file storage id parameter at the "/WorkFlow/wf file download.aspx" API endpoint...