22 matches found
EUVD-2020-12927
Malware in sbrugna...
CVE-2020-20140
Cross Site Scripting XSS vulnerability in Remote Report component under the Open menu in Flexmonster Pivot Table & Charts 2.7.17...
CVE-2025-26200
SQL injection in SLIMS v.9.6.1 allows a remote attacker to escalate privileges via the month parameter in the visitorreportday.php component...
CVE-2025-26200
SQL injection in SLIMS v.9.6.1 allows a remote attacker to escalate privileges via the month parameter in the visitorreportday.php component...
Cross site scripting
Cross Site Scripting XSS vulnerability in the Simple Student Attendance System v.1.0 allows a remote attacker to execute arbitrary code via a crafted payload to the page or classmonth parameter in the /php-attendance/attendancereport component...
CVE-2023-51802
Cross Site Scripting XSS vulnerability in the Simple Student Attendance System v.1.0 allows a remote attacker to execute arbitrary code via a crafted payload to the page or classmonth parameter in the /php-attendance/attendancereport component...
GHSA-RWHX-6HX7-PQC8 SQL injection in jeecgboot
SQL injection vulnerbility in jeecgboot jeecg-boot v 3.0, 3.5.3 that allows a remote attacker to execute arbitrary code via a crafted request to the report/jeecgboot/jmreport/queryFieldBySql component...
CVE-2023-40989
SQL injection vulnerbility in jeecgboot jeecg-boot v 3.0, 3.5.3 that allows a remote attacker to execute arbitrary code via a crafted request to the report/jeecgboot/jmreport/queryFieldBySql component...
Sql injection
SQL injection vulnerbility in jeecgboot jeecg-boot v 3.0, 3.5.3 that allows a remote attacker to execute arbitrary code via a crafted request to the report/jeecgboot/jmreport/queryFieldBySql component...
CVE-2023-40989
SQL injection vulnerbility in jeecgboot jeecg-boot v 3.0, 3.5.3 that allows a remote attacker to execute arbitrary code via a crafted request to the report/jeecgboot/jmreport/queryFieldBySql component...
CVE-2023-24789
jeecg-boot v3.4.4 was discovered to contain an authenticated SQL injection vulnerability via the building block report component...
jeecg SQL注入漏洞
jeecg is a software application. An intelligent development platform based on a code generator. A security vulnerability exists in jeecg jeecg-boot version v3.4.4, which stems from the discovery of the inclusion of an SQL injection vulnerability via the build block report component...
Expense Management System SQL注入漏洞
Expense Management System is an expense management system by Carlo Montero Personal Developer. SourceCodester Expense Management System suffers from a SQL injection vulnerability that originates in the report.php component where the POST parameter handler of the fetchreportcredit function operate...
CVE-2020-20140
Cross Site Scripting XSS vulnerability in Remote Report component under the Open menu in Flexmonster Pivot Table & Charts 2.7.17...
Cross site scripting
Cross Site Scripting XSS vulnerability in Remote Report component under the Open menu in Flexmonster Pivot Table & Charts 2.7.17...
CVE-2020-20140
CVE-2020-20140 is a reflected XSS in Flexmonster Pivot Table & Charts 2.7.17, affecting the Remote Report component under the Open menu. Exploit details indicate the issue stems from insufficient input sanitization of the 'path' parameter in file_specs.php, enabling payload execution. Affected pr...
Cisco Secure Access Control System Remote Code Execution Vulnerability
Cisco Secure Access Control System ACS is the United States Cisco Cisco a set of security access control system. The system can be through the RADIUS, TACACS protocol for network access and network device access control respectively. ACS Report is one of the system report generation component. An...
Cisco Secure Access Control System Remote Code Execution Vulnerability
A vulnerability in the ACS Report component of Cisco Secure Access Control System ACS could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected system. Commands executed by the attacker are processed at the targeted user's privilege level. The vulnerability is d...
CVE-2013-6909
Cross-site scripting XSS vulnerability in a report component in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in a report component in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...