5 matches found
PT-2024-31907 · Zhejiang University · Zhejiang University Entersoft Customer Resource Management System
Name of the Vulnerable Software and Affected Versions: Zhejiang University Entersoft Customer Resource Management System versions v2002 through v2024 Description: An arbitrary file upload vulnerability in the ProductAction.entphone interface allows attackers to execute arbitrary code via uploadin...
Zhejiang University Entersoft Customer Resource Management System 安全漏洞
Zhejiang University Entersoft Customer Resource Management System is a customer resource management system developed by the Zhejiang University team in China. A security vulnerability exists in the Zhejiang University Entersoft Customer Resource Management System due to an arbitrary file upload...
CVE-2019-3577
An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/ProductAction.class.php allows blind SQL Injection via the id0 parameter to the /product URI...
Sql injection
An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/ProductAction.class.php allows blind SQL Injection via the id0 parameter to the /product URI...
CVE-2019-3577
CVE-2019-3577 affects Waimai Super Cms 20150505. The vulnerability is a blind SQL injection in the file web/Lib/Action/ProductAction.class.php, exploitable via the id[0] parameter on the /product endpoint. Source documents do not provide patches or remediation steps. CWE/Details: blind SQL inject...