6 matches found
Octopus SQL Injection Vulnerability
Octopus Deploy is an automation tool for .NET, Java and other application development and deployment from Octopus Deploy Australia. An SQL injection vulnerability exists in Octopus version 1.0, which stems from the parameter ancestors in the file /system/dept/edit that can lead to SQL injection...
PT-2024-15895 · Unknown · Hongmaple Octopus
Name of the Vulnerable Software and Affected Versions: hongmaple octopus version 1.0 Description: A critical issue has been found in the software, affecting an unknown function of the file /system/dept/edit. The manipulation of the ancestors argument leads to SQL injection. This issue can be...
CVE-2023-49371
RuoYi up to v4.6 was discovered to contain a SQL injection vulnerability via /system/dept/edit...
CVE-2023-49371
RuoYi up to v4.6 was discovered to contain a SQL injection vulnerability via /system/dept/edit...
PT-2023-31185 · Ruoyi · Ruoyi
Name of the Vulnerable Software and Affected Versions: RuoYi versions up to v4.6 Description: The issue is a SQL injection vulnerability. It can be exploited via the "/system/dept/edit" API endpoint. Recommendations: For versions up to v4.6, as a temporary workaround, consider restricting access ...
CVE-2023-49371
RuoYi up to v4.6 was discovered to contain a SQL injection vulnerability via /system/dept/edit...