ShuoRen Times Smart Heating Integrated Management 代码问题漏洞

ShuoRen Times Smart Heating Integrated Management is an intelligent heating management platform developed by ShuoRen Times Corporation. Version 1.0.0 of ShuoRen Times Smart Heating Integrated Management contains a code vulnerability. This vulnerability arises from improper handling of parameters ...

CVE-2025-41028

A SQL Injection vulnerability has been found in Epsilon RH by Grupo Castilla. This vulnerability allows an attacker to retrieve, create, update and delete database via sending a POST request using the parameter ‘sEstadoUsr’ in ‘/epsilonnetws/WSAvisos.asmx’...

Grupo Castilla Epsilon RH 安全漏洞

Grupo Castilla Epsilon RH is a human resource management software from the Spanish company Grupo Castilla. A security vulnerability exists in Grupo Castilla Epsilon RH, which stems from incorrect manipulation of the parameter sEstadoUsr in the file /epsilonnetws/WSAvisos.asmx, which could lead to...

Tcman Gim SQL注入漏洞

Tcman Gim is a facility management software from Tcman Spain designed for use on mobile devices. TCMAN GIM suffers from a SQL injection vulnerability that can be exploited via the "/PC/WebService.asmx" page...

CVE-2020-13499

An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstancePath in CHaD.asmx is vulnerable to unauthenticate...

CVE-2020-13500

SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter ClassName in CHaD.asmx is vulnerable to unauthenticated SQL...

AVEVA eDNA Enterprise Data Historian SQL Injection Vulnerability (CNVD-2025-24160)

Aveva eDNA Enterprise Data Historian is a real-time historical data management software from AVEVA Aveva UK. The software collects, stores, processes, and presents asset-related information to provide better information for decision making this. A SQL injection vulnerability exists in AVEVA eDNA...

XXE Vulnerability in the ManageMenu.asmx File of MicroXia Online Learning Platform

Micro Xia Online Learning Platform is an online education system based on B/S architecture. A XXE vulnerability exists in the ManageMenu.asmx file of MicroXia Online Learning Platform, which can be exploited by an attacker to remotely read arbitrary files from the server...

XXE Vulnerability in the Purview.asmx File of the MicroXia Online Learning Platform

Micro Xia Online Learning Platform is an online education system based on B/S architecture. A XXE vulnerability exists in the Purview.asmx file of MicroXia Online Learning Platform. An attacker can exploit the vulnerability to remotely read arbitrary files on the server...

XXE Vulnerability in Columns.asmx File of Microxia Online Learning Platform

Micro Xia Online Learning Platform is an online education system based on B/S architecture. A XXE vulnerability exists in the Columns.asmx file of MicroXia Online Learning Platform. An attacker can exploit the vulnerability to remotely read arbitrary files on the server...

XXE Vulnerability in Depart.asmx, a Universal Online Learning Platform for MicroXia

Micro Xia Online Learning Platform is an online education system based on B/S architecture. The product/SOPA/Depart.asmx suffers from XXE injection vulnerability, which can be exploited by an attacker to remotely read arbitrary files from the server...

easysite内容管理系统某简单粗暴的SQL注入

简要描述： web services是不会骗人的！ 大量gov站点采用了easysite内容管理系统。 详细说明： 1.soap注入 easysite webservice 文件： http://www.py.gov.cn/DesktopModules/CInfo/WebService/CInfoService.asmx 2.ArticleIDs参数存在SQL注入漏洞 随便找个放sqlmap里跑吧 POST /DesktopModules/CInfo/WebService/CInfoService.asmx HTTP/1.1 Host: dynamic.xmedu.gov.cn...