CGM CLININET SQL Injection Vulnerability (CNVD-2025-19810)

CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from a SQL injection vulnerability that originates from the lack of validation of the UserID parameter of the getUserInfo function against external input SQL statements. An attacker can exploit this...

CVE-2025-30060

In the ReturnUserUnitsXML.pl service, the "getUserInfo" function is vulnerable to SQL injection through the "UserID" parameter...

CVE-2025-30060 SQL injection in ReturnUserUnitsXML.pl via the UserID parameter

In the ReturnUserUnitsXML.pl service, the "getUserInfo" function is vulnerable to SQL injection through the "UserID" parameter...

CVE-2025-30060 SQL injection in ReturnUserUnitsXML.pl via the UserID parameter

In the ReturnUserUnitsXML.pl service, the "getUserInfo" function is vulnerable to SQL injection through the "UserID" parameter...

CGM CLININET SQL注入漏洞

CGM CLININET is a hospital information management system from German company CGM. CGM CLININET suffers from a SQL injection vulnerability that stems from improper handling of the UserID parameter in the getUserInfo function, which could lead to a SQL injection attack...

Cisco UCS-IMC Supervisor 2.2.0.0 Authentication Bypass

Exploit Title: Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass + Cisco IMC Supervisor - 2.2.1.0 + Date: 08/21/2019 + Affected Component: /app/ui/ClientServlet?apiName=GetUserInfo + Vendor:...

Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass Vulnerability

Exploit Title: Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass + Cisco IMC Supervisor - 2.2.1.0 + Affected Component: /app/ui/ClientServlet?apiName=GetUserInfo + Vendor:...

CVE-2020-11704

An issue was discovered in ProVide formerly zFTPServer through 13.1. The Admin Web Interface has Multiple Stored and Reflected XSS. GetInheritedProperties is Reflected via the groups parameter. GetUserInfo is Reflected via POST data. SetUserInfo is Stored via the general parameter...

SiteServer cms系统modal_UserView.aspx页面 sql注入漏洞

1.漏洞代码。 在Bin\UserCenter.Pages.dll文件中，UserCenter.BackgroundPages.Modal.UserView类的PageLoad方法中，可以见到如下代码： public void PageLoadobject sender, EventArgs e string text = base.Request.QueryString"UserName"; //获取UserName bool flag2; bool flag = flag2 ? 1u : 0u 4294967295u; ArrayList arrayList; if !flag if...

CA ARCserve Backup Multiple Bufffer Overflow Vulnerabilities

Multiple stack-based buffer overflows in CA Computer Associates BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long 1 username or 2 password to the rxrLogin command in rxRPC.dll, or a long 3 username argument to the...

CVE-2007-5003

Multiple stack-based buffer overflows in CA Computer Associates BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long 1 username or 2 password to the rxrLogin command in rxRPC.dll, or a long 3 username argument to the...

Stack overflow

Multiple stack-based buffer overflows in CA Computer Associates BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long 1 username or 2 password to the rxrLogin command in rxRPC.dll, or a long 3 username argument to the...