9 matches found
CVE-2025-9461
A weakness has been identified in diyhi bbs up to 6.8. The impacted element is an unknown function of the file src/main/java/cms/web/action/filePackage/FilePackageManageAction.java of the component File Compression Handler. This manipulation of the argument idGroup causes information disclosure...
diyhi bbs 路径遍历漏洞
diyhi bbs patrol cloud light forum system is a Chinese open source project , using JAVA + MYSQL architecture , adaptive mobile and computer , simple interface , efficient performance . Path traversal vulnerability exists in diyhi bbs version 6.8, the vulnerability stems from the wrong operation o...
CVE-2022-32392
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/actions/manageaction.php:4...
CVE-2022-32392
Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the 'id' parameter at /pms/admin/actions/manageaction.php:4...
Prison Management System SQL注入漏洞
Prison Management System is a prison management system by Carlo Montero's personal developer. v1.0 of Prison Management System is vulnerable to SQL injection, which originates from the application /pms/admin/actions/manageaction. php in the id parameter lack of SQL data filter escaping, an attack...
CVE-2012-4932
Multiple cross-site scripting XSS vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote attackers to inject arbitrary web script or HTML via 1 the having parameter in a manage action to index.php; 2 the Email field in an Add User action; 3 the Customer Name field in an Add...
CVE-2012-4932
Multiple cross-site scripting XSS vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote attackers to inject arbitrary web script or HTML via 1 the having parameter in a manage action to index.php; 2 the Email field in an Add User action; 3 the Customer Name field in an Add...
CVE-2009-0467
Cross-site scripting XSS vulnerability in proxy.html in Profense Web Application Firewall 2.6.2 and 2.6.3 allows remote attackers to inject arbitrary web script or HTML via the proxy parameter in a denylog manage action...
Cross site scripting
Cross-site scripting XSS vulnerability in proxy.html in Profense Web Application Firewall 2.6.2 and 2.6.3 allows remote attackers to inject arbitrary web script or HTML via the proxy parameter in a denylog manage action...