IDI Eikon Governalia 跨站脚本漏洞

IDI Eikon Governalia is an e-government and smart city software platform from the Spanish company IDI Eikon. A cross-site scripting vulnerability exists in IDI Eikon Governalia, which stems from reflective cross-site scripting and could lead to the execution of malicious JavaScript code...

Qualys Achieves FedRAMP® High ATO: Unlocking the Future of Trusted Cybersecurity for Government and Critical Infrastructure

Today, federal agencies and their technology partners are operating in the most scrutinized risk environment in history. The stakes are clear: a breach in high-impact systems – those holding national security, healthcare, or financial data – can result in loss of life, catastrophic economic damag...

Any Indian DigiLocker Account Could've Been Accessed Without Password

The Indian Government said it has addressed a critical vulnerability in its secure document wallet service Digilocker that could have potentially let a remote attacker bypass mobile one-time passwords OTP and sign in as other users. Discovered separately by two independent bug bounty researchers,...

SQL Injection Vulnerability in ChannelList.aspx Page of Shandong Wave Government Approval Platform

Wave Government Approval Platform is a cloud computing infrastructure platform of Shandong Wave Qilu Software Co. A SQL injection vulnerability exists in the ChannelList.aspx page of the Shandong Wave Government Approval Platform, which can be exploited by attackers to obtain sensitive database...

Document Containment Vulnerability in e-Government Platform of Shanghai Jofan Information Technology Co.

The eGovernment platform is an office system. A file inclusion vulnerability exists in the e-government platform of Shanghai Zhuo Fan Information Technology Co., Ltd, which allows attackers to obtain sensitive information such as configuration files by guessing the file directory...

SQL injection vulnerability in txtContent parameter in InteractiveCommunication/InterActiveIndex.aspx of Wave Government Service Platform

Wave software government system is an industry informatization application system built on the basis of cloud computing and big data. There is a SQL injection vulnerability in the txtContent parameter of the InteractiveCommunication/InterActiveIndex.aspx of the Wave government service platform,...