Siemens RUGGEDCOM CROSSBOW SQL注入漏洞

Siemens RUGGEDCOM CROSSBOW is a proven secure access management solution from Siemens, Germany. Siemens RUGGEDCOM CROSSBOW suffers from a SQL injection vulnerability due to a failure of an affected client system to properly filter input data before sending it to the SQL server. An attacker could...

Siemens RUGGEDCOM CROSSBOW SQL注入漏洞

Siemens RUGGEDCOM CROSSBOW is a proven secure access management solution from Siemens, Germany. Siemens RUGGEDCOM CROSSBOW suffers from a SQL injection vulnerability that can be exploited by an attacker to send arbitrary SQL commands to a SQL server...

PT-2024-5194 · Siemens · Ruggedcom Crossbow

Name of the Vulnerable Software and Affected Versions: RUGGEDCOM CROSSBOW versions prior to V5.5 Description: The issue is related to the improper sanitization of input data before it is sent to the SQL server. This could allow an attacker to compromise the entire database by executing arbitrary...

Cyber Power Systems PowerPanel Enterprise 安全漏洞

Cyber Power Systems PowerPanel Enterprise is a software program from Cyber Power Systems designed to provide real-time PUE, PUE trends, and total energy use trends. A security vulnerability exists in Cyber Power Systems PowerPanel Enterprise prior to version v2.8.3 that stems from an SQL injectio...

College Management System SQL注入漏洞

College Management System is a simple project organized by Code Projects. It is used to keep track of students, teachers, subjects, schedules and all things related to college. College Management System version 1.0 has a SQL injection vulnerability that stems from a SQL injection vulnerability in...

Microsoft OLE DB Provider for SQL Server 资源管理错误漏洞

Microsoft OLE DB Provider for SQL Server is an API from Microsoft Corporation USA. allows access to data from a variety of sources in a unified way. A resource management error vulnerability exists in Microsoft WDAC OLE DB provider for SQL. The following products and editions are affected:Windows...

Cyber Power Systems PowerPanel Enterprise 安全漏洞

Cyber Power Systems PowerPanel Enterprise is a software program from Cyber Power Systems designed to provide real-time PUE, PUE trends, and total energy use trends. A security vulnerability exists in Cyber Power Systems PowerPanel Enterprise prior to version v2.8.3 that stems from an SQL injectio...

PT-2024-5500 · Umi Cms · Umi Cms

Name of the Vulnerable Software and Affected Versions: UMI CMS affected versions not specified Description: The issue is related to a lack of protection against SQL query structure exploitation in UMI CMS, a multi-site content management system. This could allow a remote attacker to execute...

CVE-2024-25531

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the PageID parameter at /WebUtility/SearchCondiction.aspx...

RuvarOA 安全漏洞

RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which is caused by the lack of validation of the PageID parameter in the /WebUtility/SearchCondiction.aspx file against external SQL input. An attacker can exploit this...

BlueNet Technology Clinical Browsing System SQL注入漏洞

BlueNet Technology Clinical Browsing System is a clinical browsing system from BlueNet Technology. A SQL injection vulnerability exists in BlueNet Technology Clinical Browsing System version 1.2.1, which stems from an incorrect manipulation of the parameter INSTICODE that can lead to SQL injectio...

RuvarOA 安全漏洞

RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which is caused by a lack of validation of external SQL statements in the /WorkFlow/OfficeFileUpdate.aspx file. An attacker can exploit this vulnerability to execute illegal SQ...

PT-2024-20977 · Ruvaroa · Ruvaroa

Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the sys file storage id parameter at the "/WorkFlow/wf work finish file down.aspx" API endpoint...

RuvarOA 安全漏洞

RuvarOA is an office automation system of China Ruvar Company. A security vulnerability exists in RuvarOA v6.01 and v12.01, which is caused by a SQL injection vulnerability in the btid parameter of the /include/getdict.aspx file...

CVE-2024-33148

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sqlfilter parameter in the list function...

RuvarOA 安全漏洞

RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which is caused by the lack of validation of the emailattachid parameter in the /LHMail/AttachDown.aspx file against external SQL input. An attacker can exploit this...

J2EEFAST 安全漏洞

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . J2EEFAST v2.7.0 version of the SQL injection vulnerability , the vulnerability stems from the myProcessList function of the...

RuvarOA 安全漏洞

RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the lack of validation of the sysfilestorageid parameter of the /WorkFlow/wffiledownload.aspx file against externally entered SQL statements. An attacker...

J2EEFAST 安全漏洞

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free back-end framework platform . A SQL injection vulnerability exists in J2EEFAST v2.7.0, which is caused by the lack of validation of the sqlfilter parameter...

CVE-2024-33411

A SQL injection vulnerability in /model/getadminprofile.php in Campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the myindex parameter...