CVE-2025-15493

A flaw has been found in RainyGao DocSys up to 2.02.36. The impacted element is an unknown function of the file src/com/DocSystem/mapping/ReposAuthMapper.xml. Executing a manipulation of the argument searchWord can lead to sql injection. It is possible to launch the attack remotely. The exploit h...

CVE-2025-15493

A flaw has been found in RainyGao DocSys up to 2.02.36. The impacted element is an unknown function of the file src/com/DocSystem/mapping/ReposAuthMapper.xml. Executing a manipulation of the argument searchWord can lead to sql injection. It is possible to launch the attack remotely. The exploit h...

CVE-2025-15493 RainyGao DocSys ReposAuthMapper.xml sql injection

A flaw has been found in RainyGao DocSys up to 2.02.36. The impacted element is an unknown function of the file src/com/DocSystem/mapping/ReposAuthMapper.xml. Executing a manipulation of the argument searchWord can lead to sql injection. It is possible to launch the attack remotely. The exploit h...

CVE-2025-15492

A vulnerability was detected in RainyGao DocSys up to 2.02.36. The affected element is an unknown function of the file src/com/DocSystem/mapping/GroupMemberMapper.xml. Performing a manipulation of the argument searchWord results in sql injection. It is possible to initiate the attack remotely. Th...

github docs 安全漏洞

github docs is a software application. A security vulnerability exists in github docs version 2.02.36 and earlier, which stems from an incorrect manipulation of the parameter searchWord in the file src/com/DocSystem/mapping/ReposAuthMapper.xml, which could lead to an SQL injection attack...

MxsDoc 安全漏洞

MxsDoc is Rainy open source a Web-based document management system . A security vulnerability exists in MxsDoc 2.02.36 and earlier versions, which stems from an incorrect manipulation of the parameter searchWord in the file src/com/DocSystem/mapping/GroupMemberMapper.xml, which could lead to an S...

PT-2026-1771

Name of the Vulnerable Software and Affected Versions RainyGao DocSys versions through 2.02.36 Description A flaw exists in RainyGao DocSys that allows for SQL injection. The issue is located in the file src/com/DocSystem/mapping/GroupMemberMapper.xml within an unknown function. Manipulating the...

PT-2026-1772

Name of the Vulnerable Software and Affected Versions RainyGao DocSys versions up to 2.02.36 Description A flaw exists in RainyGao DocSys that allows for SQL injection. The issue is located in an unknown function within the file src/com/DocSystem/mapping/ReposAuthMapper.xml. Manipulating the...

EUVD-2007-4171

Malware in sbrugna...

EUVD-2006-1536

Malware in sbrugna...

EUVD-2010-4940

Malware in sbrugna...

Security Bulletin: IBM Jazz for Service Management is vulnerable to cross-site scripting via searchWord parameter.

Summary IBM Jazz for Service Management is vulnerable to cross-site scripting, allowing malicious scripts to be executed via the searchWord parameter on the static help page CVE-2024-52892. Vulnerability Details CVEID:CVE-2024-52892 DESCRIPTION: IBM Jazz for Service Management is vulnerable to...

PT-2023-9946 · Unknown · 404Like Plugin

Name of the Vulnerable Software and Affected Versions: 404like Plugin versions up to 1.0.2 Description: A critical issue has been found in the 404like Plugin, affecting the checkPage function of the file 404Like.php. The manipulation of the searchWord argument leads to SQL injection, allowing...

WordPress Plugin 404like SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin 404like...

PT-2022-27127 · Unknown · Rainygao Docsys

Name of the Vulnerable Software and Affected Versions: RainyGao DocSys affected versions not specified Description: A critical issue has been identified, affecting the getReposAllUsers function of the file /DocSystem/Repos/getReposAllUsers.do. The manipulation of the searchWord/reposId argument...

Rainy MxsDoc SQL注入漏洞

MxsDoc is Rainy open source a Web-based document management system . Rainy MxsDoc SQL injection vulnerability , the vulnerability stems from the file / DocSystem / Repos / getReposAllUsers.do function getReposAllUsers, the parameter searchWord / reposId operation leads to SQL injection...

CVE-2018-18083

An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is possible via the search.php searchword parameter because "eval" is used during "if" processing...

CVE-2018-18083

CVE-2018-18083 affects DuomiCMS 3.0. Affected component: search.php, where the parameter searchword is processed and unsafely uses eval during if processing, enabling remote PHP code execution. This yields high/severe impact (NVD CVSS3: 9.8, CRITICAL; AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Exploit...

Joomla com_videoflow v1. 1. 3-1. 1. 5 parameter searchword SQL injection vulnerability

No description provided by source...

CVE-2010-4976

Cross-site scripting XSS vulnerability in search/search.php in MetInfo 3.0 allows remote attackers to inject arbitrary web script or HTML via the searchword parameter aka Search Box field. NOTE: some of these details are obtained from third party information...