121 matches found
CVE-2025-13769 Uniong|WebITR - SQL Injection
WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-13769 Uniong|WebITR - SQL Injection
WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
EUVD-2025-199865
WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-13769
CVE-2025-13769 concerns WebITR by Uniong, with a SQL injection vulnerability that, when exploited by authenticated remote attackers, can read database contents. The included sources consistently describe the flaw as a SQL injection affecting WebITR; however, no concrete affected version list or v...
CVE-2025-13768 Uniong|WebITR - Authorization Bypass
WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability...
CVE-2025-13768 Uniong|WebITR - Authorization Bypass
WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability...
CVE-2025-13768
CVE-2025-13768 affects WebITR (Uniong). It describes an Authentication Bypass where an authenticated remote attacker can log in as any user by modifying a specific parameter, requiring the attacker to first obtain a user ID. The CVSS 3.1 metrics indicate high impact (C/H, I/H, A/H) with network a...
EUVD-2025-199866
WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability...
PT-2025-48322
Name of the Vulnerable Software and Affected Versions WebITR affected versions not specified Description WebITR, developed by Uniong, contains an Arbitrary File Read issue stemming from Relative Path Traversal. Authenticated remote attackers can exploit this to download arbitrary system files. Th...
Uniong WebITR SQL注入漏洞
Uniong WebITR is an online time and attendance system from China Kaifa Uniong. Uniong WebITR suffers from a SQL injection vulnerability that originates from SQL injection, which allows remote attackers to inject arbitrary SQL commands to read database contents...
Uniong WebITR 安全漏洞
Uniong WebITR is an online time and attendance system from China Kaifa Uniong. A security vulnerability exists in Uniong WebITR that originates from relative path traversal and allows remote attackers to download arbitrary system files...
PT-2025-48321
Name of the Vulnerable Software and Affected Versions WebITR versions affected versions not specified Description WebITR, developed by Uniong, contains a SQL Injection issue. Authenticated remote attackers can inject arbitrary SQL commands, potentially allowing them to read database contents. The...
Uniong WebITR 安全漏洞
Uniong WebITR is an online time and attendance system from China Kaifa Uniong. A security vulnerability exists in Uniong WebITR that originates from an authentication bypass that allows remote attackers to log in as an arbitrary user by modifying specific parameters...
PT-2025-48319
Name of the Vulnerable Software and Affected Versions WebITR versions affected versions not specified Description WebITR developed by Uniong has an authentication bypass issue. Authenticated remote attackers can log in as any user by modifying a specific parameter. To exploit this, attackers must...
Uniong WebITR SQL注入漏洞
Uniong WebITR is an online time and attendance system from China Kaifa Uniong. Uniong WebITR suffers from a SQL injection vulnerability that originates from SQL injection, which allows remote attackers to inject arbitrary SQL commands to read database contents...
PT-2025-48320
Name of the Vulnerable Software and Affected Versions WebITR versions affected versions not specified Description WebITR developed by Uniong has a SQL Injection issue. Authenticated remote attackers can inject arbitrary SQL commands, potentially allowing them to read database contents. The...
EUVD-2025-25509
Malicious code in bioql PyPI...
EUVD-2025-25510
Malicious code in bioql PyPI...
EUVD-2025-25511
Malicious code in bioql PyPI...
EUVD-2025-25508
Malicious code in bioql PyPI...