Zhejiang University Entersoft Customer Resource Management System 安全漏洞

Zhejiang University Entersoft Customer Resource Management System is a customer resource management system developed by the Zhejiang University team in China. A security vulnerability exists in the Zhejiang University Entersoft Customer Resource Management System due to an arbitrary file upload...

PT-2024-31907 · Zhejiang University · Zhejiang University Entersoft Customer Resource Management System

Name of the Vulnerable Software and Affected Versions: Zhejiang University Entersoft Customer Resource Management System versions v2002 through v2024 Description: An arbitrary file upload vulnerability in the ProductAction.entphone interface allows attackers to execute arbitrary code via uploadin...

Sql injection

An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/ProductAction.class.php allows blind SQL Injection via the id0 parameter to the /product URI...

CVE-2019-3577

An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/ProductAction.class.php allows blind SQL Injection via the id0 parameter to the /product URI...

CVE-2019-3577

CVE-2019-3577 affects Waimai Super Cms 20150505. The vulnerability is a blind SQL injection in the file web/Lib/Action/ProductAction.class.php, exploitable via the id[0] parameter on the /product endpoint. Source documents do not provide patches or remediation steps. CWE/Details: blind SQL inject...