CVE-2025-1820

A vulnerability has been found in zj1983 zz up to 2024-8 and classified as critical. Affected by this vulnerability is the function getOaWid of the file src/main/java/com/futvan/z/system/zworkflow/ZworkflowAction.java. The manipulation of the argument tableId leads to sql injection. The attack ca...

CVE-2017-18597

The jtrt-responsive-tables plugin before 4.1.2 for WordPress has SQL Injection via the admin/class-jtrt-responsive-tables-admin.php tableId parameter...

JTRT Responsive Tables <= 4.1 – Authenticated SQL Injection

Type user access: single user. $POST‘tableId’ is not escaped. File / Code: Path: /wp-content/plugins/jtrt-responsive-tables/admin/class-jtrt-responsive-tables-admin.php Line : 183 $getTableId = $POST'tableId'; ... $retrievedata = $wpdb-getresults "SELECT FROM $jtrttablesname WHERE jttableIDD = "...

SQL Injection Vulnerability in Tableid Parameter of Mixcall Seat Management System

Mixcall seat management system is based on B/S architecture, the management personnel can directly log into the Mixcall seat management center through the computer, and view the detailed situation related to the seat personnel's voice services. SQL injection vulnerability exists in the Mixcall...

用友FE协作办公系统 V5.5 /indexsearch/filter.jsp文件tableId参数SQL注入漏洞

exp: http://xxx.com/indexsearch/filter.jsp?tableId=1 UNION ALL SELECT NULL,NULL,char126+char126+char126+isnullcastdbname as nvarchar4000,char32+char126+char126+char126,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -...

用友FE协作系统办公系统 filter.jsp 参数tableId SQL注入漏洞

No description provided by source...

Sql injection

SQL injection vulnerability in corporate/Controller in Elitecore Technologies Cyberoam UTM before 10.01.2 build 059 allows remote authenticated administrators to execute arbitrary SQL commands via the tableid parameter. NOTE: some of these details are obtained from third party information...