18 matches found
EUVD-2024-23539
Malicious code in bioql PyPI...
EUVD-2024-23540
Malicious code in bioql PyPI...
CVE-2024-26264
EBM Technologies RISWEB's specific query function parameter does not properly restrict user input, and this feature page is accessible without login. This allows remote attackers to inject SQL commands without authentication, enabling them to read, modify, and delete database records...
CVE-2024-26263
EBM Technologies RISWEB's specific URL path is not properly controlled by permission, allowing attackers to browse specific pages and query sensitive data without login...
CVE-2024-26264
EBM Technologies RISWEB's specific query function parameter does not properly restrict user input, and this feature page is accessible without login. This allows remote attackers to inject SQL commands without authentication, enabling them to read, modify, and delete database records...
CVE-2024-26263
EBM Technologies RISWEB's specific URL path is not properly controlled by permission, allowing attackers to browse specific pages and query sensitive data without login...
Sql injection
EBM Technologies RISWEB's specific query function parameter does not properly restrict user input, and this feature page is accessible without login. This allows remote attackers to inject SQL commands without authentication, enabling them to read, modify, and delete database records...
Path traversal
EBM Technologies RISWEB's specific URL path is not properly controlled by permission, allowing attackers to browse specific pages and query sensitive data without login...
CVE-2024-26264 EBM Technologies RISWEB - SQL Injection
EBM Technologies RISWEB's specific query function parameter does not properly restrict user input, and this feature page is accessible without login. This allows remote attackers to inject SQL commands without authentication, enabling them to read, modify, and delete database records...
CVE-2024-26264
CVE-2024-26264 concerns EBM Technologies RISWEB, where a specific query function parameter does not properly restrict input and the page is accessible without login. This enables remote SQL injection without authentication, allowing an attacker to read, modify, and delete database records. The co...
CVE-2024-26264 EBM Technologies RISWEB - SQL Injection
EBM Technologies RISWEB's specific query function parameter does not properly restrict user input, and this feature page is accessible without login. This allows remote attackers to inject SQL commands without authentication, enabling them to read, modify, and delete database records...
CVE-2024-26263 EBM Technologies RISWEB - Improper Access Control
EBM Technologies RISWEB's specific URL path is not properly controlled by permission, allowing attackers to browse specific pages and query sensitive data without login...
CVE-2024-26263 EBM Technologies RISWEB - Improper Access Control
EBM Technologies RISWEB's specific URL path is not properly controlled by permission, allowing attackers to browse specific pages and query sensitive data without login...
CVE-2024-26263
Summary: CVE-2024-26263 pertains to EBM Technologies RISWEB where a URL path is not properly controlled by permissions, enabling attackers to browse specific pages and query sensitive data without login. The core issue is improper access control affecting RISWEB’s URL paths; exploitation details ...
EBM Technologies RISWEB Security Vulnerability
EBM Technologies RISWEB is an application from China-based EBM Technologies EBM Technologies. A security vulnerability exists in EBM Technologies RISWEB that stems from improper privilege management. The vulnerability allows an attacker to view specific pages and query sensitive data without...
EBM Technologies RISWEB SQL Injection Vulnerability
EBM Technologies RISWEB is an application from China-based EBM Technologies EBM Technologies. EBM Technologies RISWEB suffers from a SQL injection vulnerability that stems from not properly restricting user input. A remote attacker can inject SQL commands without authentication to be able to read...
PT-2024-21317 · Ebm Technologies · Ebm Technologies Risweb
Name of the Vulnerable Software and Affected Versions: EBM Technologies RISWEB affected versions not specified Description: The issue concerns a specific query function parameter in EBM Technologies RISWEB that does not properly restrict user input. This feature page is accessible without login,...
PT-2024-21316 · Ebm Technologies · Ebm Technologies Risweb
Name of the Vulnerable Software and Affected Versions: EBM Technologies RISWEB affected versions not specified Description: The issue concerns a lack of proper permission control for specific URL paths in EBM Technologies RISWEB, allowing attackers to browse certain pages and query sensitive data...