10 matches found
CVE-2023-30321
Cross Site Scripting XSS vulnerability in textMessage field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code...
Funiture 输入验证错误漏洞
Funiture is a spring project by Zheng Jimin personal developer. It contains features such as rights management, system monitoring, dynamic adjustment of timed tasks, qps limitation, sql monitoring email, captcha service, short link service, dynamic configuration, etc. The vulnerability exists in...
Pix Software Vivaz 安全漏洞
Pix Software Vivaz is an application from Pix Software. A security vulnerability exists in Pix Software Vivaz version 6.0.10, which stems from the usuario parameter in the /servlet?act=login location contains a SQL injection vulnerability...
CVE-2023-30321
Cross Site Scripting XSS vulnerability in textMessage field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code...
CVE-2023-30319
Cross Site Scripting XSS vulnerability in username field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code...
CVE-2023-30321
Cross Site Scripting XSS vulnerability in textMessage field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code...
CVE-2023-30319
Cross Site Scripting XSS vulnerability in username field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code...
CVE-2020-8591
eG Manager 7.1.2 allows authentication bypass via a com.egurkha.EgLoginServlet?uname=admin&upass=&accessKey=eGm0n1t0r request...
CVE-2012-2576
SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager before 5.1.2, SolarWinds Storage Profiler before 5.1.2, and SolarWinds Backup Profiler before 5.1.2 allows remote attackers to execute arbitrary SQL commands via the loginName field...
IBM Rational Focal Point Login Servlet Information Disclosure (CVE-2013-5397)
An information disclosure vulnerability has been reported in IBM Rational Focal Point. The vulnerability is due to an input validation error of the file variable in com.telelogic.focalpoint.pres.controller.LoginController servlet. A remote, unauthenticated attacker could exploit this vulnerabilit...