15 matches found
SOUND4 Multiple Products Cross-Site Scripting Vulnerability
SOUND4 IMPACT and others are products of SOUND4, a French company. SOUND4 IMPACT is a professional broadcast audio processor. SOUND4 FIRST is a broadcast audio processor. SOUND4 PULSE is an audio processor. A cross-site scripting vulnerability exists in several SOUND4 products that stems from an...
SOUND4 Multiple Products OS Command Injection Vulnerability
SOUND4 IMPACT and others are products of SOUND4, a French company. SOUND4 IMPACT is a professional broadcast audio processor. SOUND4 FIRST is a broadcast audio processor. SOUND4 PULSE is an audio processor. An operating system command injection vulnerability exists in several SOUND4 products that...
SOUND4 Multiple Products SQL Injection Vulnerability
SOUND4 IMPACT and others are products of SOUND4, a French company. SOUND4 IMPACT is a professional audio processor for broadcasting. SOUND4 FIRST is an audio processor for broadcasting. SOUND4 PULSE is an audio processor. A SQL injection vulnerability exists in several SOUND4 products. The vulnerability stems...
CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 Security Vulnerability
The CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 are both network concentrators from CIRCUTOR of Spain. A security vulnerability exists in CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 version v9.0.2. It stems from the AddEvent function not validating the length of the username input, which cou...
CVE-2025-66225 OrangeHRM is Vulnerable to Account Takeover Through Unvalidated Username in Password Reset Workflow
OrangeHRM is a comprehensive human resource management (HRM) system. From version 5.0 to 5.7, the password reset workflow does not enforce that the username submitted in the final reset request matches the account for which the reset process was originally initiated. After obtaining a valid reset...
CVE-2025-66225 OrangeHRM is Vulnerable to Account Takeover Through Unvalidated Username in Password Reset Workflow
OrangeHRM is a comprehensive human resource management (HRM) system. From version 5.0 to 5.7, the password reset workflow does not enforce that the username submitted in the final reset request matches the account for which the reset process was originally initiated. After obtaining a valid reset...
CVE-2025-66225 OrangeHRM is Vulnerable to Account Takeover Through Unvalidated Username in Password Reset Workflow
OrangeHRM is a comprehensive human resource management (HRM) system. From version 5.0 to 5.7, the password reset workflow does not enforce that the username submitted in the final reset request matches the account for which the reset process was originally initiated. After obtaining a valid reset...
Church Donation System search.php File SQL Injection Vulnerability
The Church Donation System is a system for church donations. It suffers from a SQL injection vulnerability that stems from a lack of validation of externally supplied SQL statements in the parameter Username in the file /members/search.php. An attacker can exploit this...
code-projects Library System Security Vulnerability
Library System is a library system. It suffers from a SQL injection vulnerability that stems from a lack of validation of externally supplied SQL statements in the parameter Username in the file /add-student.php. An attacker can exploit this vulnerability to execute illegal SQL...
Code-Projects Online Shoe Store Injection Vulnerability
Online Shoe Store is an online shoe store system. It suffers from a SQL injection vulnerability that stems from a lack of validation of externally supplied SQL statements in the parameter Username in the file /admin/adminindex.php. An attacker can exploit this vulnerability ...
CVE-2024-5227
TP-Link Omada ER605 PPTP VPN username Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability...
Online Voting System SQL Injection Vulnerability
Online Voting System is an online voting system by the individual developer Carlo Montero. A SQL injection vulnerability exists in Online Voting System Project v1.0. It stems from the username parameter in regaction.php, whose received characters are not validated before being sent to the database...
Boa SQL Injection Vulnerability
Boa is open-source code for embedded applications. A SQL injection vulnerability exists in Boa version 0.94.14rc21. The vulnerability stems from the username parameter not being validated for external input. An attacker can exploit this vulnerability to obtain sensitive database...
SourceCodester Food Ordering Management System Security Vulnerability
Food Ordering Management System is a food ordering management system by the individual developer Carlo Montero. The Food Ordering Management System is vulnerable to SQL injection, which stems from the lack of validation of externally input SQL statements in username, and can be exploited by attackers...
Zoho ManageEngine AssetExplorer OS Command Injection Vulnerability
Zoho ManageEngine AssetExplorer is a suite of asset management software from Zoho (USA). The software provides asset tracking, scanning of IT assets and tracking of asset ownership. Zoho ManageEngine AssetExplorer suffers from an operating system command injection vulnerability that stems from the...