26 matches found
EUVD-2021-11114
Malware in sbrugna...
EUVD-2023-1075
Malicious code in bioql PyPI...
EUVD-2024-53733
Malicious code in bioql PyPI...
UBUNTU-CVE-2025-38589
In the Linux kernel, the following vulnerability has been resolved: neighbour: Fix null-ptr-deref in neighflushdev. kernel test robot reported null-ptr-deref in neighflushdev. 0 The cited commit introduced per-netdev neighbour list and converted neighflushdev to use it instead of the global hash...
CVE-2024-57765
MSFM before 2025.01.01 was discovered to contain a SQL injection vulnerability via the sname parameter at table/list...
CVE-2024-48218
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list...
CVE-2023-30558
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. User input coming from the dbname in the sql/datadictionary.py tablelist endpoint is passed to the methods that follow in...
CVE-2023-24777
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/list...
CVE-2024-57765
MSFM before 2025.01.01 was discovered to contain a SQL injection vulnerability via the sname parameter at table/list...
CVE-2024-57765
MSFM before 2025.01.01 was discovered to contain a SQL injection vulnerability via the sname parameter at table/list...
PT-2025-3559 · Msfm · Msfm
Name of the Vulnerable Software and Affected Versions: MSFM versions prior to 2025.01.01 Description: The issue is related to a SQL injection vulnerability via the s name parameter at the "table/list" endpoint. This vulnerability allows for potential exploitation. No information is provided about...
Mysiteforme 安全漏洞
Mysiteforme is a permission management system. A SQL injection vulnerability exists in versions of Mysiteforme prior to 2025.01.01, which stems from the lack of validation of the sname parameter in table/list for externally entered SQL statements. An attacker can exploit this vulnerability to...
CVE-2024-57765
MSFM is affected by a SQL injection in the s_name parameter exposed at the table/list endpoint, with versions prior to 2025.01.01 vulnerable. Exploitation could allow execution of arbitrary SQL and theft of sensitive data (per CNVD/CNNVD). Remediation details are not uniformly provided across sou...
CVE-2024-57765
MSFM before 2025.01.01 was discovered to contain a SQL injection vulnerability via the sname parameter at table/list...
SQL injection in funadmin
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list...
CVE-2024-48218
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list...
CVE-2024-48218
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list...
CVE-2024-48218
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list...
FunAdmin 安全漏洞
FunAdmin is FunAdmin open source a lightweight and high-color backend development system based on ThinkPHP6+Layui development. A security vulnerability exists in FunAdmin version 5.0.2, which originates from an SQL injection vulnerability in /curd/table/list...
CVE-2024-48218
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list...