2 matches found
The vulnerability in the implementation of extended classes in the Java framework for creating and optimizing Google Web Toolkit (GWT) applications allows a malicious individual to gain access to read, modify, or delete data, execute arbitrary code, or cause a service failure.
The vulnerability of the implementation of extended classes in the Java framework for creating and optimizing Google Web Toolkit GWT browser applications is related to deficiencies in the deserialization mechanism when using the Base64 encoding standard. Exploiting this vulnerability may allow an...
CVE-2019-13292
A SQL Injection issue was discovered in webERP 4.15. Payments.php accepts payment data in base64 format. After this is decoded, it is deserialized. Then, this deserialized data goes directly into a SQL query, with no sanitizing checks...