EUVD-2022-48430

Malicious code in bioql PyPI...

CVE-2024-44757

An arbitrary file download vulnerability in the component /Basics/DownloadInpFile of NUS-M9 ERP Management Software v3.0.0 allows attackers to download arbitrary files and access sensitive information via a crafted interface request...

CVE-2024-44759

An arbitrary file download vulnerability in the component /Doc/DownloadFile of NUS-M9 ERP Management Software v3.0.0 allows attackers to download arbitrary files and access sensitive information via a crafted interface request...

CVE-2024-44756

NUS-M9 ERP Management Software v3.0.0 was discovered to contain a SQL injection vulnerability via the usercode parameter at /UserWH/checkLogin...

CVE-2024-44758

An arbitrary file upload vulnerability in the component /Production/UploadFile of NUS-M9 ERP Management Software v3.0.0 allows attackers to execute arbitrary code via uploading crafted files...

CVE-2024-44756

NUS-M9 ERP Management Software v3.0.0 was discovered to contain a SQL injection vulnerability via the usercode parameter at /UserWH/checkLogin...

PT-2024-31236 · Unknown · Nus-M9 Erp Management

Name of the Vulnerable Software and Affected Versions: NUS-M9 ERP Management Software version 3.0.0 Description: An arbitrary file download issue in the /Basics/DownloadInpFile component allows attackers to download arbitrary files and access sensitive information via a crafted interface request...

CVE-2024-44757

CVE-2024-44757 describes an arbitrary file download vulnerability in the component /Basics/DownloadInpFile of NUS-M9 ERP Management Software v3.0.0, exploitable via a crafted interface request that can expose sensitive files. The initial data indicates a high-severity impact (C:H/I:N/A:N, CVSS 3....

PT-2024-31238 · Unknown · Nus-M9 Erp Management

Name of the Vulnerable Software and Affected Versions: NUS-M9 ERP Management Software version 3.0.0 Description: An arbitrary file download issue in the /Doc/DownloadFile component allows attackers to download arbitrary files and access sensitive information via a crafted interface request...

PT-2024-31237 · Unknown · Nus-M9 Erp Management

Name of the Vulnerable Software and Affected Versions: NUS-M9 ERP Management Software version 3.0.0 Description: An arbitrary file upload issue in the /Production/UploadFile component allows attackers to execute arbitrary code by uploading crafted files. Recommendations: For NUS-M9 ERP Management...

SQL Injection Vulnerability in the ERP Management Cloud Platform for Moon Clubs of Wuhan Jin Tongfang Technology Co. Ltd (CNVD-2024-22433)

Wuhan Jin Tongfang Technology Co., Ltd. is a company that provides informatization solutions for the mother and child service industry. There is a SQL injection vulnerability in the ERP management cloud platform of Wuhan Golden Tongfang Technology Co., Ltd. which can be exploited by attackers to...

CVE-2022-45564

SQL Injection vulnerability in znfit Home improvement ERP management system V5020220207,v42 allows attackers to execute arbitrary sql commands via the userCode parameter to the wechat applet...

CVE-2022-45564

CVE-2022-45564 is a SQL injection vulnerability in znfit Home improvement ERP management system (versions V50_20220207, v42) that allows executing arbitrary SQL via the userCode parameter in the WeChat applet. The issue is critical (CVSS v3.1: 9.8, NETWORK, NONE required, no user interaction), af...

CVE-2022-45564

SQL Injection vulnerability in znfit Home improvement ERP management system V5020220207,v42 allows attackers to execute arbitrary sql commands via the userCode parameter to the wechat applet...

Unauthorized Access Vulnerability in concrete friend mixing plant ERP management system

Hunan AOKE Network Technology Co., Ltd. was founded in 2011, located in Changsha, Hunan Province, the capital of construction machinery, to create the most forward-looking parts trading platform in the concrete industry, and is China's leading provider of information technology solutions for...

SQL Injection Vulnerability in Home Furnishing ERP Management System of Shanghai Furnishing Union Information Technology Co.

Ltd. is a software service company specializing in enterprise management solutions for the decoration industry. There is a SQL injection vulnerability in the Home Decoration ERP Management System of Shanghai Decoration Alliance Information Technology Co., Ltd, which can be exploited by attackers ...

Karakuzu ERP Management Web 5.7.0 - 'k_adi_duz' SQL Injection

Exploit Title: Karakuzu ERP Management Web 5.7.0 - 'kadiduz' SQL Injection Discovery Date: 2019-09-20 Exploit Author: Hakan TAŞKÖPRÜ Vendor Homepage: http://karakuzu.info/ Effected Version = 5.7.0 Vulnerability 1: Unauthenticated SQL Injection ==================================================...

Karakuzu ERP Management Web 5.7.0 - k_adi_duz SQL Injection

Karakuzu ERP Management Web 5.7.0 - kadiduz SQL Injection Exploit Title: Karakuzu ERP Management Web 5.7.0 - 'kadiduz' SQL Injection Discovery Date: 2019-09-20 Exploit Author: Hakan TAŞKÖPRÜ Vendor Homepage: http://karakuzu.info/ Effected Version = 5.7.0 Vulnerability 1: Unauthenticated SQL...

Karakuzu ERP Management Web 5.7.0 - (k_adi_duz) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Karakuzu ERP Management Web 5.7.0 - 'kadiduz' SQL Injection Exploit Author: Hakan TAŞKÖPRÜ Vendor Homepage: http://karakuzu.info/ Effected Version = 5.7.0 Vulnerability 1: Unauthenticated SQL Injection...

票友 ERP 管理系统 <=10.5.6 Ajax/users.ashx 未授权访问

No description provided by source...