15 matches found
EUVD-2020-10630
Malware in sbrugna...
CVE-2024-48547
Incorrect access control in the firmware update and download processes of DreamCatcher Life v1.8.7 allows attackers to access sensitive information by analyzing the code and data within the APK file...
CVE-2020-18716
SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of parameters in wordAction.php...
CVE-2020-18714
SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of parameters in wordModel.php's getdata function...
Sql injection
SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of parameters in wordAction.php...
Sql injection
SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of parameters in wordModel.php's getdata function...
Sql injection
SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of parameters in customerAction.php...
RockOA SQL注入漏洞
RockOA Xinhuo is an open source office OA system. Rockoa v1.8.7 version of the existence of SQL injection vulnerability , the vulnerability wwordAction.php parameters in the user input is not effectively filtered , a remote attacker by obtaining the injection of SQL statements to execute access t...
CVE-2020-18716
SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of parameters in wordAction.php...
CVE-2020-18716
RockOA (Rockoa) v1.8.7 is affected by CVE-2020-18716 due to insufficient filtering of input in wordAction.php , enabling SQL injection from remote attackers. The vulnerability stems from loose parameter filtering, potentially allowing SQL statements to be executed and privileges accessed or escal...
CVE-2020-18714
SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of parameters in wordModel.php's getdata function...
CVE-2020-18714
CVE-2020-18714 affects RockOA Rockoa v1.8.7, where wordModel.php:getdata processes user input without proper filtering, enabling SQL injection. This leads to remote execution of arbitrary SQL commands and potential privilege escalation as described across multiple advisories (CP AI, CNVD, NVD, CV...
CVE-2020-18713
SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of parameters in customerAction.php...
CVE-2020-25375
WP SMART CRM (SoftradeWeb SNC) version 1.8.7 is affected by stored Cross Site Scripting via multiple customer fields (Business Name, Tax Code, First Name, Address, Town, Phone, Mobile, Place of Birth, Web Site, VAT Number, Last Name, Fax, Email, Skype). Root cause: inadequate input sanitization i...
Intelbras IWR 3000N Cross-Site Request Forgery Vulnerability
Intelbras IWR 3000N is a wireless router from Intelbras Poland. A cross-site request forgery vulnerability exists in Intelbras IWR 3000N version 1.8.7. An attacker can exploit this vulnerability to take full control of the router...