85 matches found
CVE-2026-1248
IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages...
CVE-2026-1248
Technical details (affected components, root cause, remediation) are not publicly available in the provided documents; monitor for updates.
EUVD-2026-32521
IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages...
CVE-2026-1248
IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages...
CVE-2026-1248 IBM Business Automation Workflow information leak
IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages...
CVE-2026-1248 IBM Business Automation Workflow information leak
IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages...
IBM Business Automation Workflow 安全漏洞
IBM Business Automation Workflow is a workflow automation solution developed by the American multinational company International Business Machines IBM. This product is primarily used for workflow management and compliance control, and it features workflow visibility and scalability. There is a...
PT-2026-43995
IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages...
Pedidos SQL注入漏洞
Pedidos is an order management system developed by the Spanish company Pedidos. Version 1.0 of Pedidos contains a SQL injection vulnerability. This vulnerability stems from the q parameter in the ajax/loadproveedores.php file, which allows for arbitrary SQL queries to be executed and database...
CVE-2025-63742
SQL Injection vulnerability in function setwxqyAction in file webmain/task/api/loginAction.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers gain sensitive information, including administrator accounts, password hashes, database structure, and other critical data via the shouji and userid...
CVE-2025-63740
SQL Injection vulnerability in function getselectdataAjax in file inputAction.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers gain sensitive information, including administrator accounts, password hashes, database structure, and other critical data via the actstr parameter...
EUVD-2025-202291
SQL Injection vulnerability in function getselectdataAjax in file inputAction.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers gain sensitive information, including administrator accounts, password hashes, database structure, and other critical data via the actstr parameter...
CVE-2025-63742
SQL Injection vulnerability in function setwxqyAction in file webmain/task/api/loginAction.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers gain sensitive information, including administrator accounts, password hashes, database structure, and other critical data via the shouji and userid...
CVE-2025-63740
SQL Injection vulnerability in function getselectdataAjax in file inputAction.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers gain sensitive information, including administrator accounts, password hashes, database structure, and other critical data via the actstr parameter...
CVE-2025-63742
SQL Injection vulnerability in function setwxqyAction in file webmain/task/api/loginAction.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers gain sensitive information, including administrator accounts, password hashes, database structure, and other critical data via the shouji and userid...
CVE-2025-63740
SQL Injection vulnerability in function getselectdataAjax in file inputAction.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers gain sensitive information, including administrator accounts, password hashes, database structure, and other critical data via the actstr parameter...
CVE-2025-63742
Xinhu Rainrock RockOA 2.7.0 is identified as vulnerable to a SQL injection in function setwxqyAction of webmain/task/api/loginAction.php, exploitable via the shouji and userid parameters. The issue could reveal administrator accounts, password hashes, database structure, and other sensitive data....
CVE-2025-63740
CVE-2025-63740 : SQL injection in Xinhu Rainrock RockOA 2.7.0, via function getselectdataAjax in inputAction.php (parameter: actstr). Impact includes administrator accounts, password hashes, and database structure. Root cause: improper handling of the actstr parameter leading to data disclosure. ...
CVE-2025-63740
SQL Injection vulnerability in function getselectdataAjax in file inputAction.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers gain sensitive information, including administrator accounts, password hashes, database structure, and other critical data via the actstr parameter...
CVE-2025-63740
SQL Injection vulnerability in function getselectdataAjax in file inputAction.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers gain sensitive information, including administrator accounts, password hashes, database structure, and other critical data via the actstr parameter...