10 matches found
EUVD-2024-31647
Malicious code in bioql PyPI...
CVE-2024-3039
A vulnerability classified as critical has been found in Shanghai Brad Technology BladeX 3.4.0. Affected is an unknown function of the file /api/blade-user/export-user of the component API. The manipulation with the input updatexml1,concat0x3f,md5123456,0x3f,1=1 leads to sql injection. It is...
Shanghai Blade Technology Co., Ltd. BladeX suffers from a logic flaw vulnerability
BladeX is a well-designed microservices architecture that provides a full suite of SpringCloud solutions. Ltd. BladeX has a logic flaw vulnerability that can be exploited by an attacker to overstep his authority to obtain sensitive information and perform unauthorized operations...
CVE-2024-3039
A vulnerability classified as critical has been found in Shanghai Brad Technology BladeX 3.4.0. Affected is an unknown function of the file /api/blade-user/export-user of the component API. The manipulation with the input updatexml1,concat0x3f,md5123456,0x3f,1=1 leads to sql injection. It is...
CVE-2024-3039
A vulnerability classified as critical has been found in Shanghai Brad Technology BladeX 3.4.0. Affected is an unknown function of the file /api/blade-user/export-user of the component API. The manipulation with the input updatexml1,concat0x3f,md5123456,0x3f,1=1 leads to sql injection. It is...
CVE-2024-3039 Shanghai Brad Technology BladeX API export-user sql injection
A vulnerability classified as critical has been found in Shanghai Brad Technology BladeX 3.4.0. Affected is an unknown function of the file /api/blade-user/export-user of the component API. The manipulation with the input updatexml1,concat0x3f,md5123456,0x3f,1=1 leads to sql injection. It is...
CVE-2024-3039 Shanghai Brad Technology BladeX API export-user sql injection
A vulnerability classified as critical has been found in Shanghai Brad Technology BladeX 3.4.0. Affected is an unknown function of the file /api/blade-user/export-user of the component API. The manipulation with the input updatexml1,concat0x3f,md5123456,0x3f,1=1 leads to sql injection. It is...
CVE-2024-3039
Affected software: Shanghai Brad Technology BladeX 3.4.0. Vulnerable component: API endpoint /api/blade-user/export-user. Root cause: SQL injection via input manipulation using updatexml(1,concat(0x3f,md5(123456),0x3f),1)=1). Impact: potential remote exploitation allowing unauthorized access or d...
Shanghai Brad Technology BladeX SQL注入漏洞
Shanghai Brad Technology BladeX is a SpringBoot Rapid Development Platform from Shanghai Brad Technology Shanghai, China. A SQL injection vulnerability exists in Shanghai Brad Technology BladeX version 3.4.0, which originates from a SQL injection vulnerability in file/api/blade-user/export-user...
PT-2024-23336 · Shanghai Brad Technology · Bladex
Name of the Vulnerable Software and Affected Versions: Shanghai Brad Technology BladeX version 3.4.0 Description: A critical vulnerability has been found in the API component of Shanghai Brad Technology BladeX, specifically affecting an unknown function of the file /api/blade-user/export-user. Th...