7 matches found
EUVD-2025-4487
Malicious code in bioql PyPI...
CVE-2024-55160
GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the OrderBy parameter at /system/operLog/list...
CVE-2024-55160
GFast (Go Frame-based backend, v2–v3.2) contains a SQL injection vulnerability in the OrderBy parameter used by /system/operLog/list. Root cause: improper handling/validation of the OrderBy value allows attackers to inject SQL, enabling unauthorized access or data leakage. CVSS v3.1 metrics indic...
CVE-2024-55159
GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the SortName parameter at /system/loginLog/list...
CVE-2024-55159
GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the SortName parameter at /system/loginLog/list...
CVE-2024-55159
GFast v2–v3.2 contains a SQL injection vulnerability in the SortName parameter exposed at /system/loginLog/list. Affected versions are 2 through 3.2. The issue is evidenced in multiple sources (e.g., PT-2025-7444) with a recommended workaround: restrict access to the /system/loginLog/list endpoin...
CVE-2024-55159
GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the SortName parameter at /system/loginLog/list...