13 matches found
CVE-2022-27472
SQL injection vulnerability in Topics Counting feature of Roothub 2.6.0 allows unauthorized attackers to execute arbitrary SQL commands via the "s" parameter remotely...
EUVD-2022-31974
Malicious code in bioql PyPI...
CVE-2022-28052
Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution...
CVE-2022-28052
Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution...
Directory traversal
Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution...
CVE-2022-27472
SQL injection vulnerability in Topics Counting feature of Roothub 2.6.0 allows unauthorized attackers to execute arbitrary SQL commands via the "s" parameter remotely...
CVE-2022-27473
SQL injection vulnerability in Topics Searching feature of Roothub 2.6.0 allows unauthorized attackers to execute arbitrary SQL commands via the "s" parameter remotely...
Sql injection
SQL injection vulnerability in Topics Searching feature of Roothub 2.6.0 allows unauthorized attackers to execute arbitrary SQL commands via the "s" parameter remotely...
Sql injection
SQL injection vulnerability in Topics Counting feature of Roothub 2.6.0 allows unauthorized attackers to execute arbitrary SQL commands via the "s" parameter remotely...
CVE-2022-27473
SQL injection vulnerability in Topics Searching feature of Roothub 2.6.0 allows unauthorized attackers to execute arbitrary SQL commands via the "s" parameter remotely...
CVE-2022-27473
The connected sources confirm CVE-2022-27473 is a SQL injection in Roothub 2.6.0’s Topics Searching feature, exploitable via the s parameter to execute arbitrary SQL remotely due to lack of input validation. Affected: Roothub 2.6.0; Root cause: unsafely assembled SQL from external input. Practica...
CVE-2022-27472
SQL injection vulnerability in Topics Counting feature of Roothub 2.6.0 allows unauthorized attackers to execute arbitrary SQL commands via the "s" parameter remotely...
CVE-2022-27472
The connected documents confirm CVE-2022-27472 affects Roothub 2.6.0, specifically the Topics Counting feature. The vulnerability is a SQL injection exploitable via the s parameter, allowing remote attackers to execute arbitrary SQL commands and potentially access or modify data in the database. ...