SQL Injection Vulnerability in Huaxia ERP (CNVD-2021-27665)

Huaxia ERP based on SpringBoot framework and SaaS model , to provide open source ERP software for small and medium-sized enterprises , currently focusing on sales and marketing inventory + financial + production functions . Huaxia ERP has a SQL injection vulnerability, which can be exploited by...

MCms suffers from SQL injection vulnerability (CNVD-2021-26065)

MCMS is a development template based on SpringBoot 2 architecture , front-end based on vue, element ui . MCms suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database information...

CVE-2021-26987

Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions prior to 1.3.2 are susceptible to a vulnerability which when successfully exploited could lead to Remote Code Execution. All versions of Element Plug-in for vCenter Server, Management Services...

Remote code execution

Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions prior to 1.3.2 are susceptible to a vulnerability which when successfully exploited could lead to Remote Code Execution. All versions of Element Plug-in for vCenter Server, Management Services...

CVE-2021-26987

CVE-2021-26987 affects Element Plug-in for vCenter Server, involving SpringBoot Framework. The vulnerability arises in SpringBoot versions prior to 1.3.2, with all Element Plug-in for vCenter Server versions and related Management Services (prior to 2.17.56) and Management Node versions through 1...

Command Execution Vulnerability in MCMS

MCMS is a development template based on SpringBoot 2 architecture , front-end based on vue, element ui . MCMS suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the web server...

XSS Vulnerability in Huaxia ERP

Huaxia ERP based on SpringBoot framework, SaaS model, determined to provide open source for small and medium-sized ERP software, currently focusing on sales and inventory financial functions. Huaxia ERP system there is an XSS vulnerability , an attacker can use this vulnerability to obtain user...

SQL Injection Vulnerability in SPAdmin

SPAdmin is a backend management system can be quickly developed , integrated with rich third-party APP , the core technology SpringBoot, JPA, Shiro. SPAdmin has a SQL injection vulnerability. Attackers can use the vulnerability to obtain sensitive database information...

Logic flaw vulnerability in the backend of the Ruyi Management System

Ruoyi management system is based on SpringBoot2.0 permissions management system, the core technology using SpringBoot, MyBatis, Shiro, Thymeleaf, Bootstrap, Vue and so on. If the backend of the management system has a logic flaw vulnerability. Attackers can use the vulnerability to overstep the...

SQL Injection Vulnerability in Huaxia ERP (CNVD-2021-23370)

Huaxia ERP based on SpringBoot framework , SaaS model , for small and medium-sized enterprises to provide open source ERP software , currently focusing on sales and inventory + financial functions . Huaxia ERP SQL injection vulnerability , an attacker can use the vulnerability to obtain sensitive...

Huaxia ERP has a logic flaw vulnerability (CNVD-2021-23371)

Huaxia ERP based on SpringBoot framework , SaaS model , for small and medium-sized enterprises to provide open source ERP software , currently focusing on sales and inventory + financial functions . There is a logic flaw vulnerability in Huaxia ERP. An attacker can use this vulnerability to reset...

SQL Injection Vulnerability in Ruoyi Management System

Ruoyi management system is based on SpringBoot2.0 permissions management system, the core technology using SpringBoot, MyBatis, Shiro, Thymeleaf, Bootstrap, Vue and so on. The system suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information fr...

Arbitrary File Read Vulnerability in SPAdmin

SPAdmin is a backend management system can be quickly developed , integrated with rich third-party APP , the core technology SpringBoot, JPA, Shiro. SPAdmin has an arbitrary file read vulnerability, attackers can use this vulnerability to obtain sensitive information...

XSS Vulnerability in OneBlog (CNVD-2021-14414)

OneBlog is a Java blog . Developed using springboot and Bootstrap on the front end. OneBlog has an XSS vulnerability that can be exploited by an attacker to obtain sensitive information such as user cookies...

XSS Vulnerability in OneBlog

OneBlog is a Java blog . Developed using springboot and Bootstrap on the front end. OneBlog has an XSS vulnerability that can be exploited by an attacker to obtain sensitive information such as user cookies...

Arbitrary File Read Vulnerability in Ruyi Management System

Ruoyi management system is a SpringBoot2.0 based on the use of Spring, MyBatis, Shiro rights management system . Ruoyi Management System has an arbitrary file read vulnerability that can be exploited by attackers to obtain sensitive information...

Command Execution Vulnerability in ERP-PRO

ERP-PRO is based on the SpringBoot 2.X framework for small and medium-sized enterprises to build open source ERP software. ERP-PRO suffers from a command execution vulnerability. An attacker can exploit this vulnerability to gain control of the server...

MCMS suffers from a file upload vulnerability (CNVD-2021-03299)

MCMS is a development template based on SpringBoot 2 architecture , front-end based on vue, element ui . MCMS has a file upload vulnerability that can be exploited by an attacker to gain control of the server...

Arbitrary File Download Vulnerability in Ruoyi Management System

Ruoyi management system is a SpringBoot2.0 based on the use of Spring, MyBatis, Shiro rights management system . Ruoyi Management System has an arbitrary file download vulnerability that can be exploited by attackers to obtain sensitive information...

SQL Injection Vulnerability in oasys Frontend

oasys is an OA office automation system , the use of Maven for project management , springboot framework based on the development of the project , mysql underlying database , front-end freemarker template engine , Bootstrap as the front-end UI framework , integrated jpa, mybatis and other...