CVE-2021-22853 Soar Cloud System Co., Ltd. HR Portal - Broken Access Control

The HR Portal of Soar Cloud System fails to manage access control. While obtaining user ID, remote attackers can access sensitive data via a specific data packet, such as user’s login information, further causing the login function not to work...

Soar Cloud System SQL注入漏洞

Soar Cloud System is a HR system solution system developed by Soar. The Soar Cloud System HR portal suffers from a SQL injection vulnerability that stems from not filtering SQL injection statements, which allows a remote attacker to inject SQL syntax and obtain all data in the database without...

Soar Cloud System HR 安全漏洞

Soar Cloud System is a HR system solution system developed by Soar. Soar Cloud System HR Portal has an access control error that allows remote attackers to access sensitive data through specific packets e.g., user's login information while obtaining a user ID, thus preventing the login function...

Soar Cloud System HR Code Issue Vulnerability

Soar Cloud System HR is an application from Soar Cloud China. It provides a human resources system. A code issue vulnerability exists in Soar Cloud System that arises from improper design or implementation during code development for a web-based system or product...

PT-2021-15226 · Unknown · Soar Cloud System

Name of the Vulnerable Software and Affected Versions: Soar Cloud System affected versions not specified Description: The HR Portal of Soar Cloud System fails to manage access control, allowing remote attackers to access sensitive data via a specific data packet, such as a user's login informatio...

SQL injection vulnerability in ex***.cl***.php file of UQCMS cloud business system

UQCMS cloud business system is programmed with PHP + MYSQL, the template uses smarty templates, the front and back end is separated from a B2B2C e-commerce software. UQCMS cloud business system ex.cl.php file SQL injection vulnerability, an attacker can use the vulnerability to obtain database...

SQL injection vulnerability in the sh***.cl***.php file of UQCMS cloud business system

UQCMS cloud business system is programmed with PHP + MYSQL, the template uses smarty templates, the front and back end is separated from a B2B2C e-commerce software. UQCMS cloud business system sh.cl.php file SQL injection vulnerability, an attacker can use the vulnerability to obtain database...

Changzhou Qingzhifeng Network Technology Co., Ltd. Zhimei cloud station building system has SQL injection vulnerabilities

Qingzhifeng Network Technology Co., Ltd. is a high-tech company operated by Qingfeng Network Group in Jiangsu region with network service as the main business. Changzhou Qingzhifeng Network Technology Co., Ltd. Zhimei cloud station building system SQL injection vulnerability, attackers can use th...

3 6 0 Marvel Team virtualization vulnerabilities the fourth bomb: CVE-2 0 1 5-8 5 6 7 vulnerability analysis-vulnerability warning-the black bar safety net

2 0 1 5 years is“the cloud leap”year, is also a virtualization vulnerability really is people cognition, attention of a year, unwilling to“like the wind”3 6 0 Marvel Team take the initiative, with practical actions for cloud computing escort. As of today, we accumulated in kvm, xen, vmware platfo...