52 matches found
EUVD-2025-28884
Malicious code in bioql PyPI...
EUVD-2023-46637
Malicious code in bioql PyPI...
CVE-2025-10822
A vulnerability has been found in fuyanglipengjun platform 1.0. The impacted element is the function SysSmsLogController of the file /sys/smslog/queryAll. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit has been disclosed to the public and m...
CVE-2025-10822 fuyang_lipengjun platform queryAll SysSmsLogController improper authorization
A vulnerability has been found in fuyanglipengjun platform 1.0. The impacted element is the function SysSmsLogController of the file /sys/smslog/queryAll. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit has been disclosed to the public and m...
CVE-2025-10084
A vulnerability was identified in elunez eladmin up to 2.7. This affects the function queryErrorLogDetail of the file /api/logs/error/1 of the component SysLogController. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit is publicly...
CVE-2025-9740 code-projects Human Resource Integrated System log_query.php sql injection
A vulnerability was found in code-projects Human Resource Integrated System 1.0. This affects an unknown part of the file /logquery.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used...
CVE-2025-9740
CVE-2025-9740 affects code-projects Human Resource Integrated System 1.0. The vulnerability is in /log_query.php where manipulation of the ID parameter enables SQL injection, with remote exploitation and public availability of the exploit. Multiple sources corroborate the issue across vendors and...
CVE-2025-9740 code-projects Human Resource Integrated System log_query.php sql injection
A vulnerability was found in code-projects Human Resource Integrated System 1.0. This affects an unknown part of the file /logquery.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used...
PT-2025-35421
Name of the Vulnerable Software and Affected Versions: code-projects Human Resource Integrated System version 1.0 Description: A SQL injection issue exists in the /log query.php file. Manipulation of the ID argument can lead to SQL injection. The exploit has been made public and could be used to...
Code-Projects Human Resource Integrated System 安全漏洞
Human Resource Integrated System is a human resource management system. Human Resource Integrated System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter ID of the file /logquery.php. An attacker can exploit...
Linux Distros Unpatched Vulnerability : CVE-2016-10204
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query...
CVE-2023-39678
A cross-site scripting XSS vulnerability in the device web interface Log Query page of BDCOM OLT P3310D-2AC 10.1.0F Build 69083 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter...
CVE-2023-42178
Lenosp 1.0.0-1.2.0 is vulnerable to SQL Injection via the log query module...
Exploit Me, Baby, One More Time: Command Injection in Kubernetes Log Query
A vulnerability in Kubernetes allows remote code execution. Read how abusing Log Query can lead to a complete takeover of all Windows nodes in a cluster...
Exploit Me, Baby, One More Time: Command Injection in Kubernetes Log Query
A vulnerability in Kubernetes allows remote code execution. Read how abusing Log Query can lead to a complete takeover of all Windows nodes in a cluster...
CVE-2023-42178
Lenosp 1.0.0-1.2.0 is vulnerable to SQL Injection via the log query module...
CVE-2023-42178
Lenosp 1.0.0-1.2.0 is vulnerable to SQL Injection via the log query module...
CVE-2023-42178
Lenosp 1.0.0-1.2.0 is vulnerable to SQL Injection via the log query module...
Sql injection
Lenosp 1.0.0-1.2.0 is vulnerable to SQL Injection via the log query module...
PT-2023-28285
Name of the Vulnerable Software and Affected Versions Lenosp versions 1.0.0 through 1.2.0 Description The issue concerns SQL Injection via the log query module. Recommendations For versions 1.0.0 through 1.2.0, consider restricting access to the log query module to minimize the risk of...