14 matches found
CVE-2026-9579
A vulnerability was found in JeecgBoot up to 3.9.1. Impacted is the function user.getUsername of the file /sys/user/login/setting/userEdit of the component SysUser. The manipulation of the argument userIdentity results in improper access controls. The attack may be launched remotely. The exploit...
CVE-2026-9579 JeecgBoot SysUser userEdit user.getUsername access control
A vulnerability was found in JeecgBoot up to 3.9.1. Impacted is the function user.getUsername of the file /sys/user/login/setting/userEdit of the component SysUser. The manipulation of the argument userIdentity results in improper access controls. The attack may be launched remotely. The exploit...
EUVD-2026-31973
A vulnerability was found in JeecgBoot up to 3.9.1. Impacted is the function user.getUsername of the file /sys/user/login/setting/userEdit of the component SysUser. The manipulation of the argument userIdentity results in improper access controls. The attack may be launched remotely. The exploit...
CVE-2026-9579 JeecgBoot SysUser userEdit user.getUsername access control
A vulnerability was found in JeecgBoot up to 3.9.1. Impacted is the function user.getUsername of the file /sys/user/login/setting/userEdit of the component SysUser. The manipulation of the argument userIdentity results in improper access controls. The attack may be launched remotely. The exploit...
PT-2026-43410
A vulnerability was found in JeecgBoot up to 3.9.1. Impacted is the function user.getUsername of the file /sys/user/login/setting/userEdit of the component SysUser. The manipulation of the argument userIdentity results in improper access controls. The attack may be launched remotely. The exploit...
JeecgBoot Access Control Error Vulnerability
JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. JeecgBoot versions 3.9.1 and earlier contained an access control vulnerability. This vulnerability stemmed from improper handling of the parameter userIdentity in the user.getUsername...
CVE-2026-37429
qihang-wms commit 75c15a was discovered to contain a SQL injection vulnerability via the datascope parameter in the SysUserMapper.xml file. This vulnerability allows attackers to access sensitive database information, including users' Personally Identifiable Information (PII), via a crafted SQL...
CVE-2026-37429
qihang-wms commit 75c15a was discovered to contain a SQL injection vulnerability via the datascope parameter in the SysUserMapper.xml file. This vulnerability allows attackers to access sensitive database information, including users' Personally Identifiable Information (PII), via a crafted SQL...
CVE-2021-39383
DWSurvey v3.2.0 was discovered to contain a remote command execution (RCE) vulnerability via the component /sysuser/SysPropertyAction.java...
CVE-2021-39383
DWSurvey v3.2.0 was discovered to contain a remote command execution (RCE) vulnerability via the component /sysuser/SysPropertyAction.java...
Cross site scripting
Cross-site scripting (XSS) vulnerability in F-Secure Messaging Secure Gateway 7.5.0 before Patch 1862 allows remote authenticated administrators to inject arbitrary web script or HTML via the new parameter in the SysUser module to admin...
CVE-2007-5256
Multiple stack-based buffer overflows in FSD 2.052 d9 and earlier, and FSFDT FSD 3.000 d9 and earlier, allow (1) remote attackers to execute arbitrary code via a long HELP command on TCP port 3010 to the sysuser::exechelp function in sysuser.cc and (2) remote authenticated users to execute arbitrary...
CVE-2007-5256
Multiple stack-based buffer overflows in FSD 2.052 d9 and earlier, and FSFDT FSD 3.000 d9 and earlier, allow (1) remote attackers to execute arbitrary code via a long HELP command on TCP port 3010 to the sysuser::exechelp function in sysuser.cc and (2) remote authenticated users to execute arbitrary...
Sambar Server "Buffer OverFlow" Vulnerabilities
THE SAMBAR SERVER BUFFER OVERFLOW IN SYSUSER LOGIN SYSTEM RISK by mine : 7 1/10 SYSTEMS AFFECTED: All Sambar Server systems with sysuser login included. VULNERABILITIES: 2 KNOWN can be more DESCRIPTION: This vulnerability is caused because the form that the Sambar Server daemon doesn't examinates t...