EUVD-2021-27819

Malicious code in bioql PyPI...

EUVD-2023-12776

Malicious code in bioql PyPI...

CVE-2023-0758

A vulnerability was found in glorylion JFinalOA 1.0.2 and classified as critical. This issue affects some unknown processing of the file src/main/java/com/pointlion/mvc/common/model/SysOrg.java. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The...

CVE-2023-0758

A vulnerability was found in glorylion JFinalOA 1.0.2 and classified as critical. This issue affects some unknown processing of the file src/main/java/com/pointlion/mvc/common/model/SysOrg.java. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The...

CVE-2023-0758

A vulnerability was found in glorylion JFinalOA 1.0.2 and classified as critical. This issue affects some unknown processing of the file src/main/java/com/pointlion/mvc/common/model/SysOrg.java. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The...

Sql injection

A vulnerability was found in glorylion JFinalOA 1.0.2 and classified as critical. This issue affects some unknown processing of the file src/main/java/com/pointlion/mvc/common/model/SysOrg.java. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The...

CVE-2023-0758

CVE-2023-0758 affects glorylion JFinalOA 1.0.2. A SQL injection flaw arises from the id parameter in SysOrg.java (src/main/java/com/pointlion/mvc/common/model/SysOrg.java). The issue can be exploited remotely and leads to high impact on confidentiality, integrity, and availability. Multiple conne...

PT-2023-16506 · Glorylion · Jfinaloa

Name of the Vulnerable Software and Affected Versions: glorylion JFinalOA version 1.0.2 Description: A critical issue affects the processing of the file src/main/java/com/pointlion/mvc/common/model/SysOrg.java, where the manipulation of the id argument leads to sql injection. The attack can be...

CVE-2021-40645

An SQL Injection vulnerability exists in glorylion JFinalOA as of 9/7/2021 in the defkey parameter getHaveDoneTaskDataList method of the FlowTaskController...

CVE-2021-40645

An SQL Injection vulnerability exists in glorylion JFinalOA as of 9/7/2021 in the defkey parameter getHaveDoneTaskDataList method of the FlowTaskController...

Sql injection

An SQL Injection vulnerability exists in glorylion JFinalOA as of 9/7/2021 in the defkey parameter getHaveDoneTaskDataList method of the FlowTaskController...

CVE-2021-40645

An SQL Injection vulnerability exists in glorylion JFinalOA as of 9/7/2021 in the defkey parameter getHaveDoneTaskDataList method of the FlowTaskController...

CVE-2021-40645

glorylion JFinalOA contains an SQL injection in the defkey parameter of FlowTaskController.getHaveDoneTaskDataList. The root cause is improper handling of the defkey input, enabling arbitrary SQL execution with potential HIGH confidentiality impact. Affected versions/details are not provided in t...