67 matches found
CVE-2026-2103
Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, database connection strings, and API keys. The encryption keys are identical across all installations. An attacker with access to the application binary and database can decrypt a...
CVE-2026-2103
Infor SyteLine ERP is affected by CVE-2026-2103 due to hard-coded static cryptographic keys used to encrypt stored credentials (passwords, DB connection strings, API keys). The keys are identical across all installations, enabling an attacker with access to the application binary and database to ...
CVE-2026-2103 Use of Hard-Coded Cryptographic Key for Password Storage
Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, database connection strings, and API keys. The encryption keys are identical across all installations. An attacker with access to the application binary and database can decrypt a...
PT-2026-6732
Name of the Vulnerable Software and Affected Versions Infor SyteLine ERP affected versions not specified Description The software utilizes hard-coded, static cryptographic keys for encrypting stored credentials, including user passwords, database connection strings, and API keys. These encryption...
Infor SyteLine ERP 安全漏洞
Infor SyteLine ERP is an enterprise resource planning platform developed by Infor Corporation in the United States. There is a security vulnerability in Infor SyteLine ERP, which stems from the use of hardcoded static encryption keys, potentially leading to the decryption of stored credentials...
EUVD-2020-30944
Infor Storefront B2B 1.0 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'usrname' parameter in login requests. Attackers can exploit the vulnerability by injecting malicious SQL code into the 'usrname' parameter to potentially extract or...
CVE-2020-37033
Infor Storefront B2B 1.0 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'usrname' parameter in login requests. Attackers can exploit the vulnerability by injecting malicious SQL code into the 'usrname' parameter to potentially extract or...
CVE-2020-37033 Infor Storefront B2B 1.0 - 'usr_name' SQL Injection
Infor Storefront B2B 1.0 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'usrname' parameter in login requests. Attackers can exploit the vulnerability by injecting malicious SQL code into the 'usrname' parameter to potentially extract or...
CVE-2020-37033 Infor Storefront B2B 1.0 - 'usr_name' SQL Injection
Infor Storefront B2B 1.0 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'usrname' parameter in login requests. Attackers can exploit the vulnerability by injecting malicious SQL code into the 'usrname' parameter to potentially extract or...
CVE-2020-37033
CVE-2020-37033 is corroborated by PT-2026-5474, which documents an SQL injection in Infor Storefront B2B 1.0 through the login endpoint via the usr name parameter. The root cause is unsafely constructed SQL in the login flow which can lead to arbitrary query manipulation and potential data exposu...
CVE-2020-37033
Infor Storefront B2B 1.0 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'usrname' parameter in login requests. Attackers can exploit the vulnerability by injecting malicious SQL code into the 'usrname' parameter to potentially extract or...
Infor Storefront B2B SQL Injection Vulnerability
Infor Storefront B2B is an e-commerce platform provided by Infor Corporation in the United States. Version 1.0 of Infor Storefront B2B has a SQL injection vulnerability. This vulnerability stems from improper handling of the usrname parameter in login requests, which may lead to SQL injection...
PT-2026-5474
Name of the Vulnerable Software and Affected Versions Infor Storefront B2B version 1.0 Description Infor Storefront B2B version 1.0 contains a SQL injection issue that allows attackers to manipulate database queries. This is achieved through the usr name parameter within login requests. Attackers...
EUVD-2017-15606
Malware in sbrugna...
EUVD-2017-16924
Malware in sbrugna...
EUVD-2017-16923
Malware in sbrugna...
EUVD-2024-54945
Malicious code in bioql PyPI...
data_pipeline_poc
📦 Catalogue Produit Unifié — Data Pipeline 🎯 Objectif Ce...
CVE-2024-51423
Cross Site Scripting vulnerability in Infor Global HR GHR v.11.23.03.00.21 and before allows a remote attacker to execute arbitrary code via the class parameter...
CVE-2024-51423
Cross Site Scripting vulnerability in Infor Global HR GHR v.11.23.03.00.21 and before allows a remote attacker to execute arbitrary code via the class parameter...