15 matches found
EUVD-2022-52368
Malicious code in bioql PyPI...
CVE-2022-30496
SQL injection in Logon Page of IDCE MV's application, version 1.0, allows an attacker to inject SQL payloads in the user field, connecting to a database to access enterprise's private and sensitive information...
CVE-2022-31405
MV iDigital Clinic Enterprise (iDCE) 1.0 stores passwords in cleartext, a vulnerability affecting confidentiality (C HIGH) due to plaintext credential storage. Multiple sources corroborate this issue; the root cause is improper password handling in iDCE 1.0. Documents do not detail existing explo...
CVE-2022-30496
SQL injection in Logon Page of IDCE MV's application, version 1.0, allows an attacker to inject SQL payloads in the user field, connecting to a database to access enterprise's private and sensitive information...
CVE-2022-30496
SQL injection in Logon Page of IDCE MV's application, version 1.0, allows an attacker to inject SQL payloads in the user field, connecting to a database to access enterprise's private and sensitive information...
CVE-2022-30496
SQL injection in Logon Page of IDCE MV's application, version 1.0, allows an attacker to inject SQL payloads in the user field, connecting to a database to access enterprise's private and sensitive information...
Sql injection
SQL injection in Logon Page of IDCE MV's application, version 1.0, allows an attacker to inject SQL payloads in the user field, connecting to a database to access enterprise's private and sensitive information...
MV Informática IDCE MV SQL注入漏洞
MV Informática IDCE MV is a health management software from the Brazilian company MV Informática. MV Informática IDCE MV version 1.0 contains a SQL injection vulnerability that stems from a SQL injection issue in the user field of the login page. An attacker could exploit the vulnerability to...
CVE-2022-30496
SQL injection in Logon Page of IDCE MV's application, version 1.0, allows an attacker to inject SQL payloads in the user field, connecting to a database to access enterprise's private and sensitive information...
CVE-2022-30496
CVE-2022-30496 describes an SQL injection on the login page of MV Informática IDCE MV (version 1.0). The flaw arises in the user field, enabling an attacker to inject SQL payloads and connect to the underlying database to access enterprise‑level private and sensitive information. The provided con...
CVE-2020-23284
Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and paste aspx pages in the end of the URL application that connect into the database which reveals internal and sensitive information without logging into the web application...
Information disclosure
Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and paste aspx pages in the end of the URL application that connect into the database which reveals internal and sensitive information without logging into the web application...
CVE-2020-23284
The CVE-2020-23284 entry concerns the MV IDCE application v1.0, where information disclosure can occur via crafted ASPX pages appended to the end of the URL, enabling access to internal/sensitive data without logging in. The description indicates the flaw affects end-to-end URL handling that inte...
CVE-2020-23284
Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and paste aspx pages in the end of the URL application that connect into the database which reveals internal and sensitive information without logging into the web application...
MV IDCE application 日志信息泄露漏洞
The MV IDCE application is a software application. A log information disclosure vulnerability exists in the MV IDCE application. The vulnerability arises from the abnormal output of log files from a networked system or product...