Lucene search
+L

10 matches found

RedhatCVE
RedhatCVE
added 2026/02/28 2:0 p.m.8 views

CVE-2025-11252

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection.This issue affects windesk.Fm: through 27022026. NOTE: The vendor was contacted early about this disclosure but did not...

9.8CVSS5.9AI score0.00388EPSS
Exploits0References1
CNVD
CNVD
added 2024/01/03 12:0 a.m.99 views

Command Execution Vulnerability in Green Alliance WAF of Beijing Shenzhou Green Alliance Technology Co., Ltd (CNVD-2024-07088)

Beijing Shenzhou Green Alliance Technology Co., Ltd. is an enterprise mainly engaged in science and technology promotion and application services. Ltd. Green Alliance WAF has a command execution vulnerability that can be exploited by attackers to execute arbitrary commands...

7.9AI score
Exploits0
CNVD
CNVD
added 2023/06/06 12:0 a.m.14 views

Command Execution Vulnerability in 4A Unified Security Control Platform of Beijing Qixingchen Information Security Technology Co.

Beijing Qixingchen Information Security Technology Co., Ltd. is an enterprise mainly engaged in science and technology promotion and application service industry. A command execution vulnerability exists in the 4A Unified Security Control Platform of Beijing Qixingchen Information Security...

7.6AI score
Exploits0
CNVD
CNVD
added 2022/11/11 12:0 a.m.16 views

Beijing Dawei Zhichuang Technology Co., Ltd.'s Intellectual Property Management System Has Logical Flaws and Vulnerabilities

Beijing Dawei Zhichuang Technology Co., Ltd. is a company whose business scope includes technology development, technology promotion, technology transfer, technology consulting and technology service in the field of computer software, hardware and electronic products. There is a logic flaw...

6.8AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/06/13 12:0 a.m.43 views

JVN#25078144: Source code security studying tool iCodeChecker vulnerable to cross-site scripting

Source code security studying tool iCodeChecker provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN IPA contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use Source code security studying tool...

6.1CVSS6.2AI score0.00713EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/06/06 12:0 a.m.31 views

JVN#20870477: Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to remote code execution

AppGoat provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN IPA is a hands-on vulnerability learning tool. Hands-on Vulnerability Learning Tool "AppGoat" for Web Application contains a remote code execution vulnerability. Impact When accessing a specially crafted URL, arbitrary code may be...

8.8CVSS8.9AI score0.01507EPSS
Exploits0
CNVD
CNVD
added 2017/05/24 12:0 a.m.4 views

Information-Technology Promotion Agency Empirical Project Monitor - eXtended Cross-Site Scripting Vulnerability (CNVD-2017-07737)

Information-Technology Promotion Agency Empirical Project Monitor - eXtended is a project progress monitoring software for the Information-Technology Promotion Agency in Japan. eXtended is a project progress monitoring software for the Information-Technology Promotion Agency in Japan. A cross-sit...

6.1CVSS6.2AI score0.01195EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/05/19 12:0 a.m.37 views

JVN#11326581: Empirical Project Monitor - eXtended vulnerable to cross-site scripting

Empirical Project Monitor - eXtended provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN IPA contains a reflected cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use Empirical Project Monitor - eXtended The...

6.1CVSS6.1AI score0.01195EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/03/16 4:32 a.m.5 views

Security guide for website operators vulnerable to OS command injection

Overview Security guide for website operators provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN IPA contains an OS command injection vulnerability CWE-78 due to an issue in loading saved data. This vulnerability was reported by IPA to notify users of its solution through JVN. JPCERT/CC a...

8.8CVSS7.6AI score0.01596EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/02/09 12:0 a.m.42 views

JVN#71666779: Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to remote code execution

AppGoat provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN IPA is a hands-on vulnerability learning tool. Hands-on Vulnerability Learning Tool "AppGoat" for Web Application contains a remote code execution vulnerability. Impact If a user accesses a malicious web page, arbitrary code may b...

6.8CVSS6.9AI score0.01501EPSS
Exploits0
Rows per page
Query Builder