CVE-2018-25392

MaxOn ERP Software 8.x-9.x contains an SQL injection vulnerability that allows authenticated users to execute arbitrary SQL queries through the nomor, user, and jenis parameters in the logactivity function. Attackers can send POST requests to /index.php/user/logactivity with malicious SQL code in...

CVE-2018-25392 MaxOn ERP Software 8.x-9.x SQL Injection via nomor Parameter

MaxOn ERP Software 8.x-9.x contains an SQL injection vulnerability that allows authenticated users to execute arbitrary SQL queries through the nomor, user, and jenis parameters in the logactivity function. Attackers can send POST requests to /index.php/user/logactivity with malicious SQL code in...

CVE-2018-25392

MaxOn ERP Software 8.x-9.x contains an SQL injection vulnerability exploitable by authenticated users through the log_activity function. The flaw occurs in /index.php/user/log_activity where parameters nomor, user, and jenis can be tainted with arbitrary SQL. Successful exploitation can enumerate...

CVE-2018-25392 MaxOn ERP Software 8.x-9.x SQL Injection via nomor Parameter

MaxOn ERP Software 8.x-9.x contains an SQL injection vulnerability that allows authenticated users to execute arbitrary SQL queries through the nomor, user, and jenis parameters in the logactivity function. Attackers can send POST requests to /index.php/user/logactivity with malicious SQL code in...

PT-2026-44870

MaxOn ERP Software 8.x-9.x contains an SQL injection vulnerability that allows authenticated users to execute arbitrary SQL queries through the nomor, user, and jenis parameters in the log activity function. Attackers can send POST requests to /index.php/user/log activity with malicious SQL code ...

Maxon ERP SQL注入漏洞

Maxon ERP is an ERP software developed by Maxon ERP Corporation. The SQL injection vulnerability exists in versions 8.x to 9.x of Maxon ERP Software. This vulnerability stems from the nomor, user, and jenis parameters in the logactivity function, which may allow authenticated users to execute...

EUVD-2023-45058

Malicious code in bioql PyPI...

EUVD-2023-45061

Malicious code in bioql PyPI...

EUVD-2023-45060

Malicious code in bioql PyPI...

EUVD-2023-45053

Malicious code in bioql PyPI...

EUVD-2022-43214

Malicious code in bioql PyPI...

EUVD-2023-45054

Malicious code in bioql PyPI...

EUVD-2023-45057

Malicious code in bioql PyPI...

EUVD-2023-45062

Malicious code in bioql PyPI...

EUVD-2023-45056

Malicious code in bioql PyPI...

EUVD-2023-45055

Malicious code in bioql PyPI...

EUVD-2023-45059

Malicious code in bioql PyPI...

CVE-2024-25423

An issue in MAXON CINEMA 4D R2024.2.0 allows a local attacker to execute arbitrary code via a crafted c4dbase.xdl64 file...

CVE-2022-3878

A vulnerability classified as critical has been found in Maxon ERP. This affects an unknown part of the file /index.php/purchaseorder/browsedata. The manipulation of the argument tbsearch leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2023-40490

Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit this vulnerability in that the target must visit a...