130 matches found
EUVD-2025-199865
WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-13769 Uniong|WebITR - SQL Injection
WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
Uniong WebITR SQL注入漏洞
Uniong WebITR is an online time and attendance system from China Kaifa Uniong. Uniong WebITR suffers from a SQL injection vulnerability that originates from SQL injection, which allows remote attackers to inject arbitrary SQL commands to read database contents...
PT-2025-48321
Name of the Vulnerable Software and Affected Versions WebITR versions affected versions not specified Description WebITR, developed by Uniong, contains a SQL Injection issue. Authenticated remote attackers can inject arbitrary SQL commands, potentially allowing them to read database contents. The...
PT-2025-48320
Name of the Vulnerable Software and Affected Versions WebITR versions affected versions not specified Description WebITR developed by Uniong has a SQL Injection issue. Authenticated remote attackers can inject arbitrary SQL commands, potentially allowing them to read database contents. The...
Uniong WebITR SQL注入漏洞
Uniong WebITR is an online time and attendance system from China Kaifa Uniong. Uniong WebITR suffers from a SQL injection vulnerability that originates from SQL injection, which allows remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-13046
Bacteriology Laboratory Reporting System developed by ViewLead Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-13047
CVE-2025-13047 affects the ViewLead Technology Bacteriology Laboratory Reporting System. The vulnerability is a SQL Injection that allows unauthenticated remote attackers to inject arbitrary SQL and read database contents. Root cause and exact vulnerable component are described as an injection fl...
CVE-2025-12503 Digiwin|EasyFlow .NET and EasyFlow AiNet
EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-62385
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62384
SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database...
CVE-2025-62388
CVE-2025-62388 is an SQL injection in Ivanti Endpoint Manager that enables a remote authenticated attacker to read arbitrary data from the database. The Ivanti security advisory bundle lists this CVE among multiple SQL injection issues and indicates that fixes are being rolled into updates; speci...
PT-2025-41829
Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager affected versions not specified Description A SQL injection issue exists in Ivanti Endpoint Manager. A remotely authenticated attacker can potentially read arbitrary data from the database. The issue allows for...
EUVD-2025-24207
Malicious code in bioql PyPI...
EUVD-2025-26168
Malicious code in bioql PyPI...
EUVD-2025-24548
Malicious code in bioql PyPI...
EUVD-2025-28806
Malicious code in bioql PyPI...
CVE-2025-8858
Clinic Image System developed by Changing has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-8858
Clinic Image System developed by Changing has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-8858 Changing|Clinic Image System - SQL Injection
Clinic Image System developed by Changing has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...