CVE-2024-25514

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the templateid parameter at /SysManage/wftemplatechildfieldlist.aspx...

CVE-2024-25518

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the templateid parameter at /WorkFlow/wfgetfieldsapprove.aspx...

CVE-2024-25518

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the templateid parameter at /WorkFlow/wfgetfieldsapprove.aspx...

CVE-2024-25518

RuvarOA v6.01 and v12.01 expose a SQL injection via the template_id parameter on /WorkFlow/wf_get_fields_approve.aspx. Root cause: lack of validation for template_id input, enabling arbitrary SQL execution and potential data disclosure as described across CVE-2024-25518 and related feeds. Documen...

CVE-2024-25514

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the templateid parameter at /SysManage/wftemplatechildfieldlist.aspx...

CVE-2024-25514

RuvarOA versions 6.01 and 12.01 are affected by a SQL injection vulnerability in the template_id parameter of /SysManage/wf_template_child_field_list.aspx. The issue originates from lack of input validation in the affected endpoint. Documented impact includes potential data exposure or manipulati...

WordPress Gift Vouchers SQL Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports personal blog sites on servers running PHP and MySQL.The Gift Vouchers plugin is an e-gift voucher plugin that is used in... A SQL injection vulnerability exists in the...