7 matches found
Kados R10 GreenBee SQL注入漏洞
Kados R10 GreenBee is a web-based project management and collaboration tool developed by Kados OpenSource. Kados R10 GreenBee has a SQL injection vulnerability. This vulnerability arises from the fact that the releaseid parameter in boardsbuttons/updaterelease.php is not cleaned properly, allowin...
EUVD-2019-20123
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the filterusermail parameter. Attackers can send crafted requests with malicious SQL statements to extract sensitive database information or modify data...
EUVD-2019-20117
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the languagetag parameter. Attackers can submit malicious SQL statements in the languagetag parameter to extract sensitive database information or modify...
CVE-2019-25696
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the languagetag parameter. Attackers can submit malicious SQL statements in the languagetag parameter to extract sensitive database information or modify...
CVE-2019-25702
Kados R10 GreenBee is affected by an SQL injection via the id_project parameter. The vulnerability allows an attacker to manipulate database queries (injected SQL) to disclose or modify data. Documents identify the affected component as Kados R10 GreenBee and confirm the entry’s exploitation cont...
PT-2026-30503
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the id project parameter. Attackers can send crafted requests with malicious SQL statements in the id project parameter to extract sensitive database...
PT-2026-30501
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the id to delete parameter. Attackers can send crafted requests with malicious SQL statements in the id to delete field to extract or modify sensitive...