33 matches found
CVE-2026-9544 Shenzhen Sixun Software Sixun Shanghui Group Business Management System PayConfig sql injection
A vulnerability was found in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 10. Affected by this vulnerability is an unknown functionality of the file /api/Dinner/PayConfig. Performing a manipulation of the argument tableno results in sql injection. The attack is possible...
CVE-2025-15038
An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to a disclosure of kernel information or a system crash. Refer to the...
EUVD-2025-208609
An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by a unprivileged local user sending a specially crafted IOCTL request, potentially leading to a disclosure of kernel information or a system crash. Refer to the...
CVE-2025-15038
An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to a disclosure of kernel information or a system crash. Refer to the...
CVE-2025-15038
An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to a disclosure of kernel information or a system crash. Refer to the...
CVE-2025-15038
The CVE-2025-15038 affected component is the ASUS Business System Control Interface driver. A vulnerability described as Out-of-Bounds allows a local, unprivileged user to craft an IOCTL request that can trigger kernel information disclosure or cause a system crash. The exposure is linked to loca...
ASUS Business System Control Interface 安全漏洞
ASUS Business System Control Interface is a system control interface developed by ASUS, a Chinese company. There is a security vulnerability in the ASUS Business System Control Interface. This vulnerability stems from excessive reading of data, which could allow unauthorized local users to access...
CVE-2025-14696 Shenzhen Sixun Software Sixun Shanghui Group Business Management System UpdatePasswordBatch password recovery
A vulnerability was identified in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 4.10.24.3. Affected by this vulnerability is an unknown functionality of the file /api/GylOperator/UpdatePasswordBatch. The manipulation leads to weak password recovery. The attack may be...
CVE-2025-10374
CVE-2025-10374 affects Shenzhen Sixun Business Management System version 7/11. The vulnerability resides in an improper authorization in the file /Adm/OperatorStop, enabling remote exploitation. Exploitation is possible with no privileges and no user interaction; CVSS notes POSsible high impact o...
Samarium 安全漏洞
Samarium is an open source business management system by oitcode individual developers. A security vulnerability exists in Samarium 0.9.6 and earlier versions, which stems from a cross-site scripting vulnerability in files/cms/webpage/...
Information Leakage Vulnerability in Collaborative Business System of Shanghai Panmicro Network Technology Co.
Collaborative Business System is a complete platform for enterprise collaboration. An information leakage vulnerability exists in the Collaborative Business System of Shanghai Panmicro Network Technology Co., Ltd. that can be exploited by an attacker to anonymously obtain a user's login password...
SQL Injection Vulnerability in BPM Business System of Shanghai Yizheng Information Technology Co.
Ltd. was founded in January 2008, specializing in providing enterprise customers with BPM Business Process Management system development, sales and customized business process management solution services. A SQL injection vulnerability exists in the BPM business system of Shanghai Yizheng...
SQL Injection Vulnerability in UQCMS Cloud Business System (CNVD-2020-26524)
UQCMS cloud business system is programmed with PHP + MYSQL, the template uses smarty templates, the front and back end is separated from a B2B2C e-commerce software. UQCMS Cloud Business System has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information...
SQL injection vulnerability in the bi***.cl***.php file of UQCMS Cloud Business System
UQCMS cloud business system is programmed with PHP + MYSQL, the template uses smarty templates, the front and back end is separated from a B2B2C e-commerce software. UQCMS cloud business system bi.cl.php file SQL injection vulnerability, an attacker can use the vulnerability to obtain database...
SQL injection vulnerability in the go***.cl***.php file of UQCMS cloud business system
UQCMS cloud business system is programmed with PHP + MYSQL, the template uses smarty templates, the front and back end is separated from a B2B2C e-commerce software. UQCMS cloud business system go.cl.php file SQL injection vulnerability, an attacker can use the vulnerability to obtain database...
SQL Injection Vulnerability in UQCMS Cloud Business System (CNVD-2020-26528)
UQCMS cloud business system is the program using PHP + MYSQL template using smarty template, front and back end is separated from a B2B2C e-commerce software. UQCMS cloud business system SQL injection vulnerability, an attacker can use the vulnerability to obtain sensitive information in the...
UQCMS Cloud Business System has reloading vulnerability
UQCMS cloud business system is the program using PHP + MYSQL template using smarty template, front and back end is separated from a B2B2C e-commerce software. UQCMS Cloud Business System has a reinstallation vulnerability. An attacker can exploit this vulnerability to reinstall the system...
Arbitrary file upload vulnerability in the al***.cl***.php page of the frontend of UQCMS cloud business system
UQCMS cloud business system is the program using PHP + MYSQL template using smarty template, front and back end is separated from a B2B2C e-commerce software. UQCMS cloud business system front al.cl.php page exists arbitrary file upload vulnerability. An attacker can exploit the vulnerability to...
SQL Injection Vulnerability in uqcms Cloud Business System
UQCMS cloud business system is a B2B2C e-commerce software with the program using PHP+MYSQL and the template using smarty template. UQCMS cloud business system ca.class.php page SQL injection vulnerability, an attacker can use the vulnerability to obtain database sensitive information...
SQL Injection Vulnerability in UQCMS Cloud Business System ca***.cl***.php Page
UQCMS cloud business system is a B2B2C e-commerce software with the program using PHP+MYSQL and the template using smarty template. UQCMS cloud business system ca.cl.php page SQL injection vulnerability, an attacker can use the vulnerability to obtain database sensitive information...