25 matches found
PHPGurukul Online Fire Reporting System Injection Vulnerability
Online Fire Reporting System is an online fire reporting system. The Online Fire Reporting System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter requestid in the file /details.php. An attacker can exploi...
Function fulfillRandomWords in VRFNFTRandomDraw contract must not revert
Lines of code. Vulnerability details: The VRFNFTRandomDraw contract implements the Chainlink VRF feature to pull random data to select the raffle winner. As per their security guidelines, the implementation of the fulfillRandomWords function must not revert. Impact: If the fulfillRandomWords function...
SQL Injection Vulnerability in Panmicro OA Office System Requestid Parameter
Panavision OA Office System is a coordination office software. A SQL injection vulnerability exists in the Panmicro OA Office System requestid parameter, which allows attackers to exploit the vulnerability to obtain sensitive information from the database...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in jsp/Login.do in ManageEngine OpManager MSP Edition and OpManager 7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) requestid, (2) fileid, (3) woMode, and (2) woID parameters. NOTE: the provenance of this information is...
CVE-2007-5891
Multiple cross-site scripting (XSS) vulnerabilities in jsp/Login.do in ManageEngine OpManager MSP Edition and OpManager 7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) requestid, (2) fileid, (3) woMode, and (2) woID parameters. NOTE: the provenance of this information is...