257 matches found
CVE-2026-8195
A vulnerability was detected in JeecgBoot up to 3.9.1. The affected element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/CommonController.java of the component SVG File Handler. The manipulation results in cross site...
MAL-2026-2587 Malicious code in @kucoin-gbiz-next/tools (npm)
Source: amazon-inspector 74b28e2536b0d59d01e913269776e3bd933f0bce2477136d28b923d2b5222d54 The package @kucoin-gbiz-next/tools was found to contain malicious code. Source: ghsa-malware...
CVE-2026-5616 JeecgBoot AI Chat JeecgBizToolsProvider.java missing authentication
A security vulnerability has been detected in JeecgBoot 3.9.0/3.9.1. The impacted element is an unknown function of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/airag/JeecgBizToolsProvider.java of the component AI Chat Module. Such manipulation leads to...
Municorn FAX App Path Traversal Vulnerability
Municorn FAX App is a mobile fax application from Municorn Cyprus. A path traversal vulnerability exists in Municorn FAX App version 3.27.0, which stems from a path traversal issue in the component biz.faxapp.app...
CVE-2022-4984
ZenTao Biz 6.5, ZenTao Max 3.0, ZenTao Open Source Edition 16.5, and ZenTao Open Source Edition 16.5.beta1 contain an SQL injection vulnerability in the login functionality. The application does not properly validate the account parameter on /zentao/user-login.html before using it in a database...
CVE-2022-4984
CVE-2022-4984 affects ZenTao Biz < 6.5, ZenTao Max < 3.0, and ZenTao Open Source Edition
CVE-2022-4984 ZenTao Biz < 6.5, Max < 3.0, & Open Source Edition 16.5/16.5beta1 SQL Injection via user-login.html
ZenTao Biz 6.5, ZenTao Max 3.0, ZenTao Open Source Edition 16.5, and ZenTao Open Source Edition 16.5.beta1 contain an SQL injection vulnerability in the login functionality. The application does not properly validate the account parameter on /zentao/user-login.html before using it in a database...
VulnCheck KEV: CVE-2022-4984
ZenTao Biz 6.5, ZenTao Max 3.0, ZenTao Open Source Edition 16.5, and ZenTao Open Source Edition 16.5.beta1 contain an SQL injection vulnerability in the login functionality. The application does not properly validate the account parameter on /zentao/user-login.html before using it in a database...
ZenTao Multiple Products Security Vulnerability
ZenTao Biz and related products are project management software from the Chinese company ZenTao. A security vulnerability exists in several ZenTao products, which stems from insufficient validation of the parameter account in the file /zentao/user-login.html, which could lead to an SQL injection attack...
PT-2025-46894
ZenTao Biz 6.5, ZenTao Max 3.0, ZenTao Open Source Edition 16.5, and ZenTao Open Source Edition 16.5.beta1 contain an SQL injection vulnerability in the login functionality. The application does not properly validate the account parameter on /zentao/user-login.html before using it in a database...
CVE-2025-12927
CVE-2025-12927 affects DedeBIZ up to version 6.3.2. The vulnerability lies in the /admin/archives_add.php component where manipulation of the flags[] argument enables a remote SQL injection. The issue is caused by an unknown function handling flags[] and has publicly disclosed exploits. Multiple ...
CVE-2025-12861 DedeBIZ spec_add.php sql injection
A vulnerability was determined in DedeBIZ up to 6.3.2. Affected by this vulnerability is an unknown functionality of the file /admin/spec_add.php. This manipulation of the argument flags causes SQL injection. The attack can be carried out remotely. The exploit has been publicly disclose...
CVE-2025-12860 DedeBIZ freelist_main.php sql injection
A vulnerability was found in DedeBIZ up to 6.3.2. Affected is an unknown function of the file /admin/freelist_main.php. The manipulation of the argument orderby results in SQL injection. The attack can be executed remotely. The exploit has been made public and could be used...
EUVD-2025-38254
A vulnerability was found in DedeBIZ up to 6.3.2. Affected is an unknown function of the file /admin/freelist_main.php. The manipulation of the argument orderby results in SQL injection. The attack can be executed remotely. The exploit has been made public and could be used...
AutoBizLine 2nd Line Android App Security Vulnerability
AutoBizLine 2nd Line Android App is a mobile messaging application from AutoBizLine, Inc. A security vulnerability exists in AutoBizLine 2nd Line Android App v1.2.92 and earlier versions, which stems from improper access control in the authentication mechanism, where the server only validates the...
CVE-2025-61220
The incomplete verification mechanism in the AutoBizLine com.mysecondline.app 1.2.91 allows attackers to log in as other users and gain unauthorized access to their personal information...
EUVD-2009-3341
Malware in sbrugna...
EUVD-2008-5269
Malware in sbrugna...
EUVD-2009-3169
Malware in sbrugna...