53 matches found
CVE-2025-61548
SQL Injection is present on the hfInventoryDistFormID parameter in the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69. Unsanitized user input is incorporated directly into SQL queries without proper parameterizati...
CVE-2025-61548
CVE-2025-61548 affects edu Business Solutions Print Shop Pro WebDesk 18.34. The hfInventoryDistFormID parameter in /PSP/appNET/Store/CartV12.aspx/GetUnitPrice is susceptible to SQL injection due to unsanitized input concatenated into queries. Impact is remote arbitrary SQL execution with high con...
CVE-2025-61547
The CVE-2025-61547 entry concerns edu Business Solutions Print Shop Pro WebDesk 18.34, where CSRF protections are absent across all functions. The Red Hat/NVD entries confirm a CSRF vulnerability that can allow a remote attacker to trick authenticated users into performing unintended actions, pot...
EUVD-2016-2100
Malware in sbrugna...
Exploit for CVE-2025-61546
vulnerability-disclosures Public disclosures of software vulne...
CVE-2016-15034
A vulnerability was found in Dynacase Webdesk and classified as critical. Affected by this issue is the function freedomrsssearch of the file freedomrsssearch.php. The manipulation leads to sql injection. Upgrading to version 3.2-20180305 is able to address this issue. The patch is identified as...
CVE-2016-15034
A vulnerability was found in Dynacase Webdesk and classified as critical. Affected by this issue is the function freedomrsssearch of the file freedomrsssearch.php. The manipulation leads to sql injection. Upgrading to version 3.2-20180305 is able to address this issue. The patch is identified as...
CVE-2016-15034
A vulnerability was found in Dynacase Webdesk and classified as critical. Affected by this issue is the function freedomrsssearch of the file freedomrsssearch.php. The manipulation leads to sql injection. Upgrading to version 3.2-20180305 is able to address this issue. The patch is identified as...
Sql injection
A vulnerability was found in Dynacase Webdesk and classified as critical. Affected by this issue is the function freedomrsssearch of the file freedomrsssearch.php. The manipulation leads to sql injection. Upgrading to version 3.2-20180305 is able to address this issue. The patch is identified as...
CVE-2016-15034 Dynacase Webdesk freedomrss_search.php freedomrss_search sql injection
A vulnerability was found in Dynacase Webdesk and classified as critical. Affected by this issue is the function freedomrsssearch of the file freedomrsssearch.php. The manipulation leads to sql injection. Upgrading to version 3.2-20180305 is able to address this issue. The patch is identified as...
CVE-2016-15034
Dynacase Webdesk contains a SQL injection vulnerability in the freedomrss_search function (freedomrss_search.php). The issue affects versions prior to 3.2-20180305 and is mitigated by upgrading to 3.2-20180305; patch id 750a9b35af182950c952faf6ddfdcc50a2b25f8b. Identifiers include VDB-233366. Con...
PT-2023-10353 · Dynacase · Dynacase Webdesk
Name of the Vulnerable Software and Affected Versions: Dynacase Webdesk versions prior to 3.2-20180305 Description: A critical issue was found in Dynacase Webdesk, affecting the freedomrss search function of the freedomrss search.php file. This issue leads to sql injection. Recommendations: Upgra...
Dynacase Webdesk SQL注入漏洞
Dynacase Webdesk is the operator interface for Dynacase Platform. An SQL injection vulnerability exists in versions prior to Dynacase Webdesk 3.2-20180305, which stems from the function Freedomrsssearch in the file Freedomrsssearch.php that can lead to sql injection...