EUVD-2023-45485

Malicious code in bioql PyPI...

CVE-2023-40946

Schoolmate 1.3 is vulnerable to SQL Injection in the variable $username from SESSION in ValidateLogin.php...

kingdee live800在线客服系统SQL注射漏洞

0x01 漏洞概述 相关厂商： live800.com 漏洞时间： 2015-10-18 loginAction.jsp SQL注射漏洞，可看客户与客服对话内容，泄露大量敏感信息。 0x02 漏洞细节 在loginAction.jsp中发现以下内容： String loginName=request.getParameter"loginName"; String password=request.getParameter"password"; String loginServerUrl = request.getParameter"loginServerUrl"; OperatorInf...

Open redirect

Open redirect vulnerability in JForum 2.1.9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the returnPath parameter in a validateLogin action to jforum.page...