CVE-2023-6100

A vulnerability classified as problematic was found in Maiwei Safety Production Control Platform 4.1. This vulnerability affects unknown code of the file /api/DataDictionary/GetItemList. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been...

Sql injection

SQL injection vulnerability in com.xnx3.wangmarket.plugin.dataDictionary.controller.DataDictionaryPluginController.java in wangmarket CMS 4.10 allows remote attackers to run arbitrary SQL commands via the TableName parameter to /plugin/dataDictionary/tableView.do...

CVE-2023-26813

Summary of CVE-2023-26813 : In wangmarket CMS 4.10, the vulnerability is a SQL injection in the dataDictionary API: DataDictionaryPluginController at /plugin/dataDictionary/tableView.do, exploitable via the TableName parameter to run arbitrary SQL commands. Recorded risk is high (CVSS 3.1: 9.8, N...

datadictionary.nhs.uk XSS vulnerability

Open Bug Bounty ID: OBB-577517 Description| Value ---|--- Affected Website:| datadictionary.nhs.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...