Lucene search
+L

236 matches found

NVD
NVD
added 2024/05/08 3:15 p.m.13 views

CVE-2024-25518

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the templateid parameter at /WorkFlow/wfgetfieldsapprove.aspx...

9.4CVSS7.9AI score0.00618EPSS
Exploits1References1
NVD
NVD
added 2024/05/08 3:15 p.m.30 views

CVE-2024-25515

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the sysfilestorageid parameter at /WorkFlow/wfworkfinishfiledown.aspx...

7.3CVSS7.9AI score0.00576EPSS
Exploits1References1
OSV
OSV
added 2024/05/08 3:15 p.m.3 views

CVE-2024-25517

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the tbTable argument at /WebUtility/MF.aspx...

9.8CVSS5.8AI score0.00696EPSS
Exploits1References1
OSV
OSV
added 2024/05/08 3:15 p.m.5 views

CVE-2024-25515

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the sysfilestorageid parameter at /WorkFlow/wfworkfinishfiledown.aspx...

7.3CVSS5.8AI score0.00576EPSS
Exploits1References1
OSV
OSV
added 2024/05/08 3:15 p.m.4 views

CVE-2024-25518

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the templateid parameter at /WorkFlow/wfgetfieldsapprove.aspx...

9.4CVSS5.8AI score0.00618EPSS
Exploits1References1
NVD
NVD
added 2024/05/08 3:15 p.m.14 views

CVE-2024-25517

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the tbTable argument at /WebUtility/MF.aspx...

9.8CVSS7.9AI score0.00696EPSS
Exploits1References1
OSV
OSV
added 2024/05/08 3:15 p.m.4 views

CVE-2024-25519

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the idlist parameter at /WorkFlow/wfworkprint.aspx...

9.8CVSS5.8AI score0.00696EPSS
Exploits1References1
NVD
NVD
added 2024/05/08 3:15 p.m.31 views

CVE-2024-25519

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the idlist parameter at /WorkFlow/wfworkprint.aspx...

9.8CVSS7.9AI score0.00696EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/05/08 12:0 a.m.2 views

RuvarOA 安全漏洞

RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which is caused by the lack of validation of the officemissiveid parameter in the /WorkFlow/wfworkformsave.aspx file against external SQL input. An attacker can exploit this...

9.4CVSS8.2AI score0.00606EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/05/08 12:0 a.m.13 views

CVE-2024-25526

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the projectid parameter at /ProjectManage/pmgattinc.aspx...

8.3AI score0.00591EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/05/08 12:0 a.m.5 views

PT-2024-20985 · Ruvaroa · Ruvaroa

Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the sys file storage id parameter at the "/WorkPlan/WorkPlanAttachDownLoad.aspx" API endpoint...

9.4CVSS7.7AI score0.00618EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/05/08 12:0 a.m.13 views

CVE-2024-25521

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the txtkeyword parameter at getcompany.aspx...

8.3AI score0.00618EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/05/08 12:0 a.m.5 views

PT-2024-20992 · Ruvaroa · Ruvaroa

Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the PageID parameter at the "/WebUtility/get find condiction.aspx" API endpoint. Recommendations:...

9.8CVSS7.4AI score0.00577EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/05/08 12:0 a.m.20 views

CVE-2024-25520

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /SysManage/sysblogtemplatenew.aspx...

8.3AI score0.00629EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/05/08 12:0 a.m.22 views

CVE-2024-25518

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the templateid parameter at /WorkFlow/wfgetfieldsapprove.aspx...

8.2AI score0.00618EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/05/08 12:0 a.m.7 views

PT-2024-20993 · Ruvaroa · Ruvaroa

Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: The issue is related to a SQL injection vulnerability. It can be exploited via the PageID parameter at the "/WebUtility/SearchCondiction.aspx" API endpoint. Recommendations: For versions 6.01...

9.8CVSS7.4AI score0.00577EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/05/08 12:0 a.m.15 views

CVE-2024-25524

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the sysfilestorageid parameter at /WorkPlan/WorkPlanAttachDownLoad.aspx...

8.3AI score0.00618EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/05/08 12:0 a.m.18 views

CVE-2024-25518

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the templateid parameter at /WorkFlow/wfgetfieldsapprove.aspx...

8.3AI score0.00618EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/05/08 12:0 a.m.14 views

CVE-2024-25531

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the PageID parameter at /WebUtility/SearchCondiction.aspx...

8.3AI score0.00577EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/05/08 12:0 a.m.4 views

RuvarOA 安全漏洞

RuvarOA is an office automation system of China Ruvar Company. A security vulnerability exists in RuvarOA v6.01 and v12.01, which is caused by a SQL injection vulnerability in the btid parameter of the /include/getdict.aspx file...

9.8CVSS7.9AI score0.0051EPSS
Exploits1References2
Rows per page
Query Builder