JeecgBoot 访问控制错误漏洞

JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. JeecgBoot versions 3.9.1 and earlier contained an access control vulnerability. This vulnerability stemmed from improper handling of the parameter userIdentity in the user.getUsername...

CVE-2021-34117

SQL Injection vulnerability in SEO Panel 4.9.0 in api/user.api.php in function getUserName in the username parameter, allows attackers to gain sensitive information...

CVE-2021-34117

SQL Injection vulnerability in SEO Panel 4.9.0 in api/user.api.php in function getUserName in the username parameter, allows attackers to gain sensitive information...

CVE-2021-34117

CVE-2021-34117 concerns a SQL injection in SEO Panel 4.9.0. The vulnerability resides in api/user.api.php, in the getUserName function via the username parameter, potentially allowing an attacker to access sensitive information. Connected documents confirm the affected software/version and the vu...

CVE-2010-1907

The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allows remote attackers to discover the username of the client user, and consequently determine a pathname to a certain user directory, via a call to the GetUserName method...

CVE-2010-1907

The CVE-2010-1907 entry concerns the SdcUser.TgConCtl ActiveX control in tgctlcm.dll used by Consona Live Assistance, Dynamic Agent, and Subscriber Assistance. The vulnerability allows remote attackers to discover the client user’s username and deduce a path to a user directory via GetUserName. I...

CVE-2010-1907

The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allows remote attackers to discover the username of the client user, and consequently determine a pathname to a certain user directory, via a call to the GetUserName method...