75 matches found
CVE-2019-25457
Web Ofisi Firma v13 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'oz' array parameter. Attackers can send GET requests to category pages with malicious 'oz' values using time-based blind SQL injectio...
CVE-2019-25457
Web Ofisi Firma v13 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'oz' array parameter. Attackers can send GET requests to category pages with malicious 'oz' values using time-based blind SQL injectio...
CVE-2019-25457
Web Ofisi Firma v13 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'oz' array parameter. Attackers can send GET requests to category pages with malicious 'oz' values using time-based blind SQL injectio...
CVE-2019-25457 Web Ofisi Firma v13 SQL Injection via oz Parameter
Web Ofisi Firma v13 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'oz' array parameter. Attackers can send GET requests to category pages with malicious 'oz' values using time-based blind SQL injectio...
CVE-2019-25457 Web Ofisi Firma v13 SQL Injection via oz Parameter
Web Ofisi Firma v13 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'oz' array parameter. Attackers can send GET requests to category pages with malicious 'oz' values using time-based blind SQL injectio...
CVE-2019-25457
Web Ofisi Firma v13 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'oz' array parameter. Attackers can send GET requests to category pages with malicious 'oz' values using time-based blind SQL injectio...
CVE-2019-25457
Web Ofisi Firma v13 is affected by an SQL injection vulnerability in the oz parameter (oz[] array) that allows unauthenticated attackers to manipulate database queries. The issue is exploitable via simple GET requests to category pages, using time-based blind SQL injection payloads to extract dat...
Web Ofisi Firma SQL注入漏洞
Web Ofisi Firma is a general-purpose corporate website script system developed by the Turkish company Web Ofisi. Version 13 of Web Ofisi Firma contains an SQL injection vulnerability, which stems from insufficient input validation for oz array parameters, potentially allowing SQL injection attack...
EUVD-2003-0532
Malware in sbrugna...
EUVD-2025-2724
Malicious code in bioql PyPI...
Malicious code in @zalastax/nolb-oz (npm)
The package @zalastax/nolb-oz was found to contain malicious code...
MAL-2025-12873 Malicious code in @zalastax/nolb-oz (npm)
The package @zalastax/nolb-oz was found to contain malicious code...
CVE-2003-0538
The mailcap file for mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, which allows remote attackers to execute arbitrary Oz programs in a MIME-aware client program...
CVE-2025-32367
The Oz Forensics face recognition application before 4.0.8 late 2023 allows PII retrieval via /statistic/list Insecure Direct Object Reference. NOTE: the number 4.0.8 was used for both the unpatched and patched versions...
CVE-2025-32367
The Oz Forensics face recognition application before 4.0.8 late 2023 allows PII retrieval via /statistic/list Insecure Direct Object Reference. NOTE: the number 4.0.8 was used for both the unpatched and patched versions...
Oz Forensics Oz Liveness 安全漏洞
Oz Forensics Oz Liveness is a leading facial recognition and authentication software from Oz Forensics. A security vulnerability exists in Oz Forensics Oz Liveness versions prior to 4.0.8 late 2023, which stems from an insecure direct object reference that could lead to PII retrieval...
CVE-2025-32367
The Oz Forensics face recognition application before 4.0.8 late 2023 allows PII retrieval via /statistic/list Insecure Direct Object Reference. NOTE: the number 4.0.8 was used for both the unpatched and patched versions...
PT-2025-16145 · Unknown · Oz Forensics
Name of the Vulnerable Software and Affected Versions: Oz Forensics face recognition application versions prior to 4.0.8 Description: The issue allows PII retrieval via /statistic/list Insecure Direct Object Reference. Recommendations: For versions prior to 4.0.8, consider disabling access to the...
CVE-2025-32367
CVE-2025-32367 affects the Oz Forensics face recognition application prior to version 4.0.8 (late 2023). The root cause is an Insecure Direct Object Reference flaw in the /statistic/list endpoint, which could allow retrieval of PII. Public references from NVD/Red Hat describe the vulnerability, w...
CVE-2025-22324
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Andon Ivanov OZ Canonical oz-canonical allows Reflected XSS.This issue affects OZ Canonical: from n/a through = 0.5...