12 matches found
CVE-2025-15494
A vulnerability has been found in RainyGao DocSys up to 2.02.37. This affects an unknown function of the file com/DocSystem/mapping/UserMapper.xml. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public...
CVE-2025-15494
A vulnerability has been found in RainyGao DocSys up to 2.02.37. This affects an unknown function of the file com/DocSystem/mapping/UserMapper.xml. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public...
CVE-2025-15494 RainyGao DocSys UserMapper.xml sql injection
A vulnerability has been found in RainyGao DocSys up to 2.02.37. This affects an unknown function of the file com/DocSystem/mapping/UserMapper.xml. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public...
github docs 安全漏洞
github docs is a software application. A security vulnerability exists in github docs version 2.02.37 and earlier, which stems from incorrect manipulation of the parameter Username in the file com/DocSystem/mapping/UserMapper.xml, which could lead to an SQL injection attack...
EUVD-2025-6767
Malicious code in bioql PyPI...
CVE-2025-25580
yimioa before v2024.07.04 was discovered to contain a SQL injection vulnerability via the listNameBySql method at /xml/UserMapper.xml...
CVE-2025-25580
CVE-2025-25580 affects yimioa prior to v2024.07.04 and is a SQL injection vulnerability exposed via the listNameBySql() method in the /xml/UserMapper.xml. The entry indicates a local-privilege context with user interaction required and high confidentiality impact, but no exploit details or public...
PT-2025-6860 · Ywoa · Ywoa
Name of the Vulnerable Software and Affected Versions: ywoa versions prior to 2024.07.04 Description: A critical vulnerability was found in ywoa, affecting the listNameBySql function of the file com/cloudweb/oa/mapper/xml/UserMapper.xml. This vulnerability leads to SQL injection and can be...
ywoa SQL注入漏洞
ywoa is an OA collaborative office system by bestfeng individual developer in China. A SQL injection vulnerability exists in ywoa version 2024.07.03 and earlier versions, which originates from the listNameBySql function of com/cloudweb/oa/mapper/xml/UserMapper.xml, which contains a SQL injection...
CVE-2023-24219
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/UserMapper.xml...
Sql injection
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/UserMapper.xml...
CVE-2023-24219
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/UserMapper.xml...