
223 matches found

CVE
added 2024/09/02 4:1 a.m. · 54 views

CVE-2024-43772

The Easytest Online Test Platform (Huachu) contains an SQL injection in the download student learning course function, exploitable via the uid parameter in versions prior to 24E01. Impact: remote arbitrary SQL execution and potential data access/modification. Mitigation: upgrade to version 24E01 ...

9.8 CVSS · 10 AI score · 0.00487 EPSS
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2024/09/02 4:1 a.m. · 18 views

CVE-2024-43772 Huachu Easytest Online Learning Test Platform - SQL Injection

SQL Injection in download student learning course function of Easytest Online Test Platform ver.24E01 and earlier allows remote attackers to execute arbitrary SQL commands via the uid parameter...

9.3 CVSS · 0.00487 EPSS
Exploits 0 · References 1

Positive Technologies
added 2024/09/01 12:0 a.m. · 3 views

PT-2024-30644 · Unknown · Easytest Online Test Platform

Name of the Vulnerable Software and Affected Versions: Easytest Online Test Platform versions prior to ver.24E01 Description: The issue allows remote attackers to execute arbitrary SQL commands via the uid parameter in the download student learning course function. This enables attackers to...

9.8 CVSS · 8.5 AI score · 0.00487 EPSS
Exploits 0 · References 7

CNVD
added 2023/12/29 12:0 a.m. · 25 views

IBM Rational Asset Manager Privilege Control Issue Vulnerability

IBM Rational Asset Manager is a collaborative software development tool from IBM, USA. Organizations can use it to identify, manage and govern the design, development and use of software assets and services. A privilege control issue vulnerability exists in IBM Rational Asset Manager version 7.5...

4.3 CVSS · 6.8 AI score · 0.00998 EPSS
Exploits 0 · References 1

Positive Technologies
added 2023/12/28 12:0 a.m. · 3 views

PT-2023-32902 · Unknown · Code-Projects Client Details System

Name of the Vulnerable Software and Affected Versions: code-projects Client Details System version 1.0 Description: A vulnerability was found in the code-projects Client Details System, classified as problematic. It affects an unknown function of the file /admin/update-clients.php. The manipulati...

9.8 CVSS · 5.8 AI score · 0.00644 EPSS
Exploits 1 · References 6

CNVD
added 2023/12/15 12:0 a.m. · 20 views

Unspecified Vulnerability in Emlog (CNVD-2023-9918065)

emlog is a PHP and MySQL based CMS builder for personal developers. Emlog version pro2.1.14 has a security vulnerability that stems from a SQL injection in the uid parameter in /admin/media.php. Attackers can use this vulnerability to gain unauthorized access ...

7.2 CVSS · 8.1 AI score · 0.0084 EPSS
Exploits 1 · References 1

NVD
added 2023/12/12 9:15 a.m. · 17 views

CVE-2023-41623

Emlog version pro2.1.14 was discovered to contain a SQL injection vulnerability via the uid parameter at /admin/media.php...

7.2 CVSS · 0.0084 EPSS
Exploits 1 · References 1

OSV
added 2023/12/12 9:15 a.m. · 28 views

CVE-2023-41623

Emlog version pro2.1.14 was discovered to contain a SQL injection vulnerability via the uid parameter at /admin/media.php...

7.2 CVSS · 8.2 AI score · 0.0084 EPSS
Exploits 1 · References 1

ATTACKERKB
added 2023/12/12 9:15 a.m. · 6 views

CVE-2023-41623

Emlog version pro2.1.14 was discovered to contain a SQL injection vulnerability via the uid parameter at /admin/media.php...

7.2 CVSS · 5.9 AI score · 0.0084 EPSS
Exploits 1 · References 2

Prion
added 2023/12/12 9:15 a.m. · 16 views

SQL injection

Emlog version pro2.1.14 was discovered to contain a SQL injection vulnerability via the uid parameter at /admin/media.php...

5.8 CVSS · 8.6 AI score · 0.0084 EPSS
Exploits 1 · References 1 · Affected Software 1

CNNVD
added 2023/12/12 12:0 a.m. · 2 views

Emlog Security Vulnerability

emlog is a PHP and MySQL based CMS builder for personal developers. Emlog version pro2.1.14 has a security vulnerability that stems from a SQL injection in the uid parameter in /admin/media.php. Attackers can use this vulnerability to gain unauthorized access ...

7.2 CVSS · 7.9 AI score · 0.0084 EPSS
Exploits 1 · References 2

Positive Technologies
added 2023/12/12 12:0 a.m. · 3 views

PT-2023-28005 · Emlog · Emlog

Name of the Vulnerable Software and Affected Versions: Emlog version pro2.1.14 Description: A SQL injection issue was discovered via the uid parameter at the "/admin/media.php" API endpoint. This allows for potential exploitation. Recommendations: For Emlog version pro2.1.14, consider restricting...

7.2 CVSS · 7.3 AI score · 0.0084 EPSS
Exploits 1 · References 4

CVE
added 2023/12/12 12:0 a.m. · 54 views

CVE-2023-41623

CVE-2023-41623 affects Emlog pro2.1.14, where a SQL injection is exposed via the uid parameter in /admin/media.php. The NVD entry lists a CVSS v3.1 base score of 7.2 (HIGH) with network attack vector, low attack complexity, and privileges required as HIGH; impacts are confidentiality, integrity, ...

7.2 CVSS · 7.2 AI score · 0.0084 EPSS
Exploits 1 · References 1 · Affected Software 1

OSV
added 2023/10/20 12:30 a.m. · 24 views

GHSA-5H47-9RM5-FX3F Evolution CMS Cross-site Scripting vulnerability

Cross-site scripting (XSS) vulnerability in evolution evo v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected into the uid parameter...

6.1 CVSS · 6 AI score · 0.00588 EPSS
Exploits 1 · References 4

Github Security Blog
added 2023/10/20 12:30 a.m. · 26 views

Evolution CMS Cross-site Scripting vulnerability

Cross-site scripting (XSS) vulnerability in evolution evo v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected into the uid parameter...

6.1 CVSS · 6.5 AI score · 0.00588 EPSS
Exploits 1 · References 4 · Affected Software 1

ATTACKERKB
added 2023/10/19 10:15 p.m. · 6 views

CVE-2023-43341

Cross-site scripting (XSS) vulnerability in evolution evo v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected into the uid parameter...

6.1 CVSS · 6.1 AI score · 0.00588 EPSS
Exploits 1 · References 3

NVD
added 2023/10/19 10:15 p.m. · 27 views

CVE-2023-43341

Cross-site scripting (XSS) vulnerability in evolution evo v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected into the uid parameter...

6.1 CVSS · 6 AI score · 0.00588 EPSS
Exploits 1 · References 2

OSV
added 2023/10/19 10:15 p.m. · 20 views

CVE-2023-43341

Cross-site scripting (XSS) vulnerability in evolution evo v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected into the uid parameter...

6.1 CVSS · 6.4 AI score · 0.00588 EPSS
Exploits 1 · References 2

Vulnrichment
added 2023/10/19 12:0 a.m. · 7 views

CVE-2023-43341

Cross-site scripting (XSS) vulnerability in evolution evo v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected into the uid parameter...

6.1 AI score · 0.00588 EPSS
Exploits 1 · References 2

CVE
added 2023/10/19 12:0 a.m. · 53 views

CVE-2023-43341

CVE-2023-43341 affects Evolution CMS – Evolution evo 3.2.3. The connected documents describe a Cross-Site Scripting (XSS) vulnerability where a crafted payload injected into the uid parameter allows a local attacker to execute arbitrary code on the affected system. The issue is consistently repor...

6.1 CVSS · 6 AI score · 0.00588 EPSS
Exploits 1 · References 2 · Affected Software 1