12 matches found
EUVD-2025-33406
In xckk v9.6, there is a SQL injection vulnerability in which the cond parameter in notice/list is not securely filtered, resulting in a SQL injection vulnerability...
CVE-2025-60267
In xckk v9.6, there is a SQL injection vulnerability in which the cond parameter in notice/list is not securely filtered, resulting in a SQL injection vulnerability...
CVE-2025-60267
In xckk v9.6, there is a SQL injection vulnerability in which the cond parameter in notice/list is not securely filtered, resulting in a SQL injection vulnerability...
xckk 安全漏洞
xckk small dish low-code development platform is a low-code development platform open-sourced by China Cloud Network Software bestfeng. A security vulnerability exists in xckk v9.6, which originates from the cond parameter in notice/list is not securely filtered, which may lead to SQL injection...
CVE-2025-60267
In xckk v9.6, there is a SQL injection vulnerability in which the cond parameter in notice/list is not securely filtered, resulting in a SQL injection vulnerability...
CVE-2025-60267
In xckk v9.6, there is a SQL injection vulnerability in which the cond parameter in notice/list is not securely filtered, resulting in a SQL injection vulnerability...
PT-2025-41448
Name of the Vulnerable Software and Affected Versions xckk version 9.6 Description The software contains a SQL injection issue due to insufficient filtering of the cond parameter within the ''/notice/list'' API endpoint. This allows for potential unauthorized database access or modification...
CVE-2025-60267
Summary of CVE-2025-60267 : Several sources describe a SQL injection vulnerability in the xckk v9.6 platform, arising from insufficient filtering of the cond parameter in the /notice/list API endpoint. The root cause is improper input handling that allows attacker-controlled input to influence SQ...
yimioa 安全漏洞
yimioa CloudNet OA is a locally deployed OA software by rabbit personal developer. A security vulnerability exists in yimioa versions prior to v2024.07.04, which stems from an SQL injection in the selectNoticeList method...
CampCodes School Management Software 代码注入漏洞
CampCodes School Management Software is a school management software from CampCodes, Inc. A code injection vulnerability exists in version 1.0 of CampCodes School Management Software, which stems from the parameter Notice in the file /notice-list and can lead to cross-site scripting...
CVE-2022-38276
JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/foldernotice/list...
SQL Injection Vulnerability in the Type Parameter of NoticeList.aspx Page of Wave e-Procurement Platform
Wave e-procurement platform is a proprietary e-commerce platform for enterprises built using cloud computing and e-commerce technology. A SQL injection vulnerability exists in the Type parameter of the NoticeList.aspx page of the Wave e-Procurement Platform, which can be exploited by an attacker ...