7 matches found
CVE-2024-25521
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the txtkeyword parameter at getcompany.aspx...
CVE-2024-25521
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the txtkeyword parameter at getcompany.aspx...
CVE-2024-25521
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the txtkeyword parameter at getcompany.aspx...
CVE-2024-25521
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the txtkeyword parameter at getcompany.aspx...
CVE-2024-25521
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the txtkeyword parameter at getcompany.aspx...
RuvarOA 安全漏洞
RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which is caused by the lack of validation of the txtkeyword parameter of the getcompany.aspx file against externally entered SQL statements. An attacker can exploit this...
CVE-2024-25521
CVE-2024-25521 affects RuvarOA v6.01 and v12.01. A SQL injection vulnerability exists in the get_company.aspx endpoint via the txt_keyword parameter, caused by lack of input validation against external SQL statements. Reported impact includes the ability to perform illegal SQL commands to access ...