PT-2026-2176

Name of the Vulnerable Software and Affected Versions OPEXUS eCasePortal versions prior to 9.0.45.0 Description OPEXUS eCasePortal allows an unauthenticated attacker to access and manipulate user-uploaded files. An attacker can navigate to the ''Attachments.aspx'' endpoint and, by iterating throu...

EUVD-2009-4631

Malware in sbrugna...

CVE-2024-12023

The FULL – Cliente plugin for WordPress is vulnerable to SQL Injection via the 'formId' parameter in all versions 3.1.5 to 3.1.25 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated...

CVE-2022-29940

In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameters formseq and formid in interface\orders\findorderpopup.php leads to multiple cross-site scripting XSS vulnerabilities...

LibreHealth EHR 跨站脚本漏洞

LibreHealth EHR is a clinically-focused Electronic Health Record EHR system designed to be easy to use out-of-the-box or customized for use in a variety of healthcare settings. A security vulnerability exists in LibreHealth EHR 2.0.0, which stems from the lack of filter escaping for the GET...

CVE-2009-4667

SQL injection vulnerability in form.php in WebMember 1.0 allows remote authenticated users to execute arbitrary SQL commands via the formID parameter...

Sql injection

SQL injection vulnerability in form.php in WebMember 1.0 allows remote authenticated users to execute arbitrary SQL commands via the formID parameter...

CVE-2008-2835

SQL injection vulnerability in cgi-bin/igsuite in IGSuite 3.2.4 allows remote attackers to execute arbitrary SQL commands via the formid parameter...

Sql injection

SQL injection vulnerability in cgi-bin/igsuite in IGSuite 3.2.4 allows remote attackers to execute arbitrary SQL commands via the formid parameter...

CVE-2008-2835

SQL injection vulnerability in cgi-bin/igsuite in IGSuite 3.2.4 allows remote attackers to execute arbitrary SQL commands via the formid parameter...