83 matches found
EUVD-2023-28278
Malicious code in bioql PyPI...
CVE-2025-8162
A vulnerability, which was classified as critical, has been found in deerwms deer-wms-2 up to 3.3. Affected by this issue is some unknown functionality of the file /system/dept/list. The manipulation of the argument paramsdataScope leads to sql injection. The attack may be launched remotely. The...
CVE-2025-8127
A vulnerability classified as critical was found in deerwms deer-wms-2 up to 3.3. This vulnerability affects unknown code of the file /system/user/list. The manipulation of the argument paramsdataScope leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to...
CVE-2025-8126
The CVE-2025-8126 affects deerwms deer-wms-2 up to version 3.3. The vulnerability resides in the /system/user/export component, where manipulating the params[dataScope] argument enables SQL injection. It is remotely exploitable and an exploit has been publicly disclosed. Multiple sources confirm ...
deer-wms-2 SQL注入漏洞
deer-wms-2 is a warehouse management system of China deerwms open source. A security vulnerability exists in deer-wms-2 3.3 and earlier versions, which originates from SQL injection due to incorrect manipulation of parameter paramsdataScope in file /system/user/export...
deer-wms-2 SQL注入漏洞
deer-wms-2 is an open source warehouse management system from China's deerwms. A security vulnerability exists in deer-wms-2 3.3 and earlier versions, which originates from SQL injection due to incorrect manipulation of paramsdataScope in the file /system/role/authUser/unallocatedList...
deer-wms-2 注入漏洞
deer-wms-2 is a warehouse management system in China deerwms open source . Deer-wms-2 3.3 and earlier versions exist injection vulnerability, the vulnerability stems from the file /system/role/list on the parameter params dataScope wrong operation leads to SQL injection...
deer-wms-2 SQL注入漏洞
deer-wms-2 is a warehouse management system in China deerwms open source. A security vulnerability exists in deer-wms-2 3.3 and earlier versions, which originates from SQL injection due to incorrect manipulation of paramsdataScope in the file /system/role/authUser/allocatedList...
CVE-2024-40542
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/role?offset...
CVE-2024-40539
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/user...
CVE-2024-40540
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/dept...
CVE-2024-25168
SQL injection vulnerability in snow snow v.2.0.0 allows a remote attacker to execute arbitrary code via the dataScope parameter of the system/role/list interface...
CVE-2024-40541
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/dept/build...
CVE-2023-24220
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/RoleMapper.xml...
CVE-2023-24221
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/DeptMapper.xml...
CVE-2024-40539
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/user...
CVE-2024-40542
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/role?offset...
CVE-2024-40539
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/user...
CVE-2024-40540
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/dept...
CVE-2024-40541
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/dept/build...