5 matches found
PT-2026-20487
A security vulnerability has been detected in Alixhan xh-admin-backend up to 1.7.0. This issue affects some unknown processing of the file /frontend-api/system-service/api/system/role/query of the component Database Query Handler. Such manipulation of the argument prop leads to sql injection. It ...
CVE-2025-62346
A Cross-Site Request Forgery CSRF vulnerability was identified in HCL Glovius Cloud. An attacker can force a user's web browser to execute an unwanted, malicious action on a trusted site where the user is authenticated, specifically on one endpoint...
CVE-2025-62346
CVE-2025-62346 affects HCL Glovius Cloud and is described as a Cross-Site Request Forgery (CSRF) vulnerability impacting a single endpoint. The connected sources consistently indicate that an attacker could induce an authenticated user’s browser to perform an unwanted action on a trusted site; no...
EUVD-2025-198270
A Cross-Site Request Forgery CSRF vulnerability was identified in HCL Glovius Cloud. An attacker can force a user's web browser to execute an unwanted, malicious action on a trusted site where the user is authenticated, specifically on one endpoint...
CVE-2023-39650
Theme Volty CMS Blog up to version v4.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /tvcmsblog/single...