15 matches found
EUVD-2025-22808
Malicious code in bioql PyPI...
CVE-2025-8220
A vulnerability has been found in Engeman Web up to 12.0.0.2. The affected element is an unknown function of the file /Login/RecoveryPass of the component Password Recovery Page. The manipulation of the argument LanguageCombobox as part of Cookie leads to sql injection. The attack is possible to ...
CVE-2025-8220
A vulnerability has been found in Engeman Web up to 12.0.0.2. The affected element is an unknown function of the file /Login/RecoveryPass of the component Password Recovery Page. The manipulation of the argument LanguageCombobox as part of Cookie leads to sql injection. The attack is possible to ...
CVE-2025-8220
A vulnerability has been found in Engeman Web up to 12.0.0.2. The affected element is an unknown function of the file /Login/RecoveryPass of the component Password Recovery Page. The manipulation of the argument LanguageCombobox as part of Cookie leads to sql injection. The attack is possible to ...
CVE-2025-8220 Engeman Web Password Recovery RecoveryPass sql injection
A vulnerability has been found in Engeman Web up to 12.0.0.2. The affected element is an unknown function of the file /Login/RecoveryPass of the component Password Recovery Page. The manipulation of the argument LanguageCombobox as part of Cookie leads to sql injection. The attack is possible to ...
CVE-2025-8220 Engeman Web Password Recovery RecoveryPass sql injection
A vulnerability has been found in Engeman Web up to 12.0.0.2. The affected element is an unknown function of the file /Login/RecoveryPass of the component Password Recovery Page. The manipulation of the argument LanguageCombobox as part of Cookie leads to sql injection. The attack is possible to ...
CVE-2025-8220
Summary: CVE-2025-8220 affects Engeman Web up to 12.0.0.2. The vulnerability is an SQL injection in the Password Recovery Page’s /Login/RecoveryPass, caused by manipulating the LanguageCombobox value in a Cookie. It is remotely exploitable and has public exploit disclosure. A fix is available in ...
Engeman Web SQL注入漏洞
Engeman Web is a maintenance management software from the Brazilian company Engeman. A SQL injection vulnerability exists in Engeman Web version 12.0.0.1 and earlier, which originates from an SQL injection caused by the parameter LanguageCombobox in the file /Login/RecoveryPass...
PT-2025-30992 · Unknown · Engeman Web
Name of the Vulnerable Software and Affected Versions: Engeman Web versions through 12.0.0.1 Description: A critical vulnerability exists in Engeman Web. The issue affects an unknown function within the /Login/RecoveryPass file of the Password Recovery Page component. Manipulation of the...
Engeman 6.x.x SQL Injection
Engeman is a Brasilian software for maintenance control. Version tested: 6.x.x and prior. Next versions appears vulnerable too. The attacker can inject sql codes in username textbox: SQL dump affter injection: select nome,senha,diasexp,dataltsen,permitetroca from cfgusr where nome='NULL' OR NOME'...
Engeman 6.x.x SQL Injection
Exploit for unknown platform in category web applications =========================== Engeman 6.x.x SQL Injection =========================== Engeman is a Brasilian software for maintenance control. Version tested: 6.x.x and prior. Next versions appears vulnerable too. The attacker can inject sql...
Engeman 6.x - SQL Injection
Engeman is a Brasilian software for maintenance control. Version tested: 6.x.x and prior. Next versions appears vulnerable too. The attacker can inject sql codes in username textbox: SQL dump affter injection: select nome,senha,diasexp,dataltsen,permitetroca from cfgusr where nome='NULL' OR NOME'...
Engeman 6.x - SQL Injection
Engeman 6.x - SQL Injection Engeman is a Brasilian software for maintenance control. Version tested: 6.x.x and prior. Next versions appears vulnerable too. The attacker can inject sql codes in username textbox: SQL dump affter injection: select nome,senha,diasexp,dataltsen,permitetroca from cfgus...
Engeman 6.x.x SQL Injection
No description provided by source. Engeman is a Brasilian software for maintenance control. Version tested: 6.x.x and prior. Next versions appears vulnerable too. The attacker can inject sql codes in username textbox: SQL dump affter injection: select nome,senha,diasexp,dataltsen,permitetroca fro...
Engeman - SQL Injection Vulnerability (vendor url erratum)
Engeman is a Brasilian software for maintenance control. Version tested: 6.x.x and prior. Next versions appears vulnerable too. The attacker can inject sql codes in username textbox: SQL dump affter injection: select nome,senha,diasexp,dataltsen,permitetroca from cfgusr where nome='NULL' OR NOME'...