UBUNTU-CVE-2018-25357

Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code through the dbname parameter. Attackers can send a POST request to install/step1.php with malicious PHP code in the dbname parameter, then...

CVE-2022-46966

Revenue Collection System v1.0 was discovered to contain a SQL injection vulnerability at step1.php...

CVE-2022-46966

Revenue Collection System v1.0 was discovered to contain a SQL injection vulnerability at step1.php...

Revenue Collection System SQL注入漏洞

Revenue Collection System is a landed property billing and payment software by Carlo Montero Individual Developer. A security vulnerability exists in Revenue Collection System v1.0, which stems from its step1.php file that allows attackers to implement SQL injection...

CVE-2022-23855

An issue was discovered in Saviynt Enterprise Identity Cloud EIC 5.5 SP2.x. An authentication bypass in ECM/maintenance/forgotpasswordstep1 allows an unauthenticated user to reset passwords and login as any local account...

Saviynt Enterprise Identity Cloud 授权问题漏洞

Saviynt Enterprise Identity Cloud Saviynt Eic is a cloud-architected, cloud-deployed identity governance and management platform from Saviynt. A security vulnerability exists in Saviynt Enterprise Identity Cloud EIC that stems from an issue discovered in saviynt Enterprise Identity Cloud EIC 5.5...

CVE-2018-14689

An issue was discovered in Subsonic 6.1.1. The transcoding settings are affected by five stored cross-site scripting vulnerabilities in the namex, sourceformatsx, targetFormatx, step1x, and step2x parameters where x is an integer to transcodingSettings.view that could be used to steal session...