Yonyou UFIDA ERP-NC 代码注入漏洞

Yonyou UFIDA ERP-NC is a kind of Enterprise Resource Planning ERP software, which is mainly used for financial management, supply chain management, production management and customer relationship management of enterprises. Yonyou UFIDA ERP-NC suffers from a cross-site scripting vulnerability that...

CVE-2024-37679

Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp parameter...

CVE-2023-40277

An issue was discovered in OpenClinic GA 5.247.01. A Reflected Cross-Site Scripting XSS vulnerability has been discovered in the login.jsp message parameter...

PT-2024-12880 · Unknown · Openclinic Ga

Name of the Vulnerable Software and Affected Versions: OpenClinic GA version 5.247.01 Description: A Reflected Cross-Site Scripting XSS issue has been discovered. The message parameter in the login.jsp is vulnerable. Recommendations: For OpenClinic GA version 5.247.01, avoid using the message...

CVE-2022-26959

There are two full read/write Blind/Time-based SQL injection vulnerabilities in the Northstar Club Management version 6.3 application. The vulnerabilities exist in the userName parameter of the processlogin.jsp page in the /northstar/Portal/ directory and the userID parameter of the login.jsp pag...

PT-2022-15687 · Sysaid · Sysaid

Name of the Vulnerable Software and Affected Versions: Sysaid – Pro Plus Edition versions v20.4.74 b10 through v22.1.30 b49 Description: The issue allows an attacker to bypass access controls by logging in as a guest and manipulating the URL path to access the system dashboard. The attacker can...