EUVD-2023-42868

Malicious code in bioql PyPI...

CVE-2024-57760

JeeWMS before v2025.01.01 was discovered to contain a SQL injection vulnerability via the ReportId parameter at /core/CGReportDao.java...

CVE-2023-39122

BMC Control-M through 9.0.20.200 allows SQL injection via the /RF-Server/report/deleteReport report-id parameter. This is fixed in 9.0.21 and is also fixed by a patch for 9.0.20.200...

Adrenalin eSystems HRMS Software Cross-Site Scripting Vulnerability

Adrenalin eSystems HRMS Software is a human resource management system from Adrenalin eSystems India. A cross-site scripting vulnerability exists in the RPT/SSRSDynamicEditReports.aspx page in Adrenalin eSystems HRMS Software version 5.4. A remote attacker can exploit this vulnerability to inject...

CVE-2018-12653

A Reflected Cross Site Scripting XSS vulnerability exists in Adrenalin HRMS 5.4.0. An attacker can input malicious JavaScript code in /RPT/SSRSDynamicEditReports.aspx via 'ReportId' parameter...

Quest KACE System Management Appliance SQL Injection Vulnerability

Quest KACE System Management Appliance is an IT asset management appliance from Quest Software, USA. A SQL injection vulnerability exists in the '/common/runreport.php' script in version 8.0.318 of the Quest KACE System Management Appliance, which stems from the program not filtering incoming...