13 matches found
CVE-2026-2682
A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.21080262532. Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such manipulation of the argument comid leads to sql injection. The attack can be launched remotely. The...
CVE-2026-2682
A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.21080262532. Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such manipulation of the argument comid leads to sql injection. The attack can be launched remotely. The...
CVE-2026-2682
A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.21080262532. Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such manipulation of the argument comid leads to sql injection. The attack can be launched remotely. The...
CVE-2026-2682 Tsinghua Unigroup Electronic Archives System prinReport.html sql injection
A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.21080262532. Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such manipulation of the argument comid leads to sql injection. The attack can be launched remotely. The...
CVE-2026-2682 Tsinghua Unigroup Electronic Archives System prinReport.html sql injection
A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.21080262532. Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such manipulation of the argument comid leads to sql injection. The attack can be launched remotely. The...
CVE-2026-2682
CVE-2026-2682 affects Tsinghua Unigroup Electronic Archives System up to version 3.2.210802(62532). The vulnerability is a SQL injection in an unknown function exposed via the URL path /mine/PublicReport/prinReport.html?token=java, where manipulating the comid argument leads to injection. The att...
Tsinghua Unigroup Electronic Archives System SQL注入漏洞
Tsinghua Unigroup Electronic Archives System is an electronic archive management system of Tsinghua Unigroup. Versions of Tsinghua Unigroup Electronic Archives System 3.2.21080262532 and earlier have a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter...
CVE-2019-7587
Bo-blog Wind through 1.6.0-r allows SQL Injection via the admin.php/comments/batchdel/ comID parameter because this parameter is mishandled in the mode/admin.mode.php delBlockedBatch function...
Sql injection
Bo-blog Wind through 1.6.0-r allows SQL Injection via the admin.php/comments/batchdel/ comID parameter because this parameter is mishandled in the mode/admin.mode.php delBlockedBatch function...
CVE-2019-7587
CVE-2019-7587 affects Bo-blog Wind through 1.6.0-r. The vulnerability is a SQL Injection in the admin.php/comments/batchdel/ comID parameter, caused by mishandling in the mode/admin.mode.php delBlockedBatch function. The connected sources corroborate the issue and describe it as a SQL injection v...
CVE-2019-7587
Bo-blog Wind through 1.6.0-r allows SQL Injection via the admin.php/comments/batchdel/ comID parameter because this parameter is mishandled in the mode/admin.mode.php delBlockedBatch function...
某通用型电子采购平台SQL注射(涉及大量企业)
简要描述: sql注入,应该没重复吧 详细说明: 之前大牛提交过,其他的还没搜到 WooYun: 某通用型电子采购平台SQL注射(涉及大量企业) google:inurl:custom/CompanyCGList.aspx?ComId= 目测为一采通电子采购平台,所属:北京网达信联科技发展有限公司 百度百科介绍:http://baike.baidu.com/view/5293437.htm?fr=aladdin 涉及大量企业 其中ComId参数存在注入 http://eps.alnan.com.cn/custom/CompanyCGList.aspx?ComId=1...
CVE-2005-4393
Cross-site scripting XSS vulnerability in show.cfm in e-publish CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 obcatid and 2 comid parameters...