Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2025/05/23 8:35 a.m.13 views

CVE-2024-25528

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /PersonalAffair/worklogtemplateshow.aspx...

5.9CVSS8.4AI score0.00279EPSS
Exploits1References1
osv
osv
added 2024/05/08 5:15 p.m.3 views

CVE-2024-25528

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /PersonalAffair/worklogtemplateshow.aspx...

5.9CVSS5.8AI score0.00279EPSS
Exploits1References1
nvd
nvd
added 2024/05/08 5:15 p.m.8 views

CVE-2024-25528

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /PersonalAffair/worklogtemplateshow.aspx...

5.9CVSS7.9AI score0.00279EPSS
Exploits1References1
osv
osv
added 2024/05/08 4:15 p.m.6 views

CVE-2024-25527

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /PersonalAffair/worklogtemplateshow.aspx...

9.4CVSS5.8AI score0.00512EPSS
Exploits1References1
cnnvd
cnnvd
added 2024/05/08 12:0 a.m.4 views

RuvarOA 安全漏洞

RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the id parameter of the /PersonalAffair/worklogtemplateshow.aspx file that lacks validation of externally entered SQL statements. An attacker can exploit...

9.4CVSS8.2AI score0.00512EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2024/05/08 12:0 a.m.5 views

PT-2024-20988 · Ruvaroa · Ruvaroa

Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/PersonalAffair/worklog template show.aspx" API endpoint. Recommendations...

9.4CVSS7.4AI score0.00512EPSS
Exploits1References4
Rows per page
Query Builder