14 matches found
EUVD-2021-29793
Malicious code in bioql PyPI...
CVE-2024-11020 Grand Vice info Webopac7 - SQL Injection
Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2024-11020 Grand Vice info Webopac7 - SQL Injection
Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2024-11019
CVE-2024-11019 affects Webopac from Grand Vice info. The connected documents describe a Reflected Cross-site Scripting vulnerability that allows unauthenticated remote attackers to execute arbitrary JavaScript in a user’s browser via phishing techniques. CVSSv3.1 base score 6.1 (Medium) with Netw...
CVE-2024-11019 Grand Vice info Webopac7 - Reflected XSS
Webopac from Grand Vice info has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript code in the user's browser through phishing techniques...
CVE-2024-11019 Grand Vice info Webopac7 - Reflected XSS
Webopac from Grand Vice info has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript code in the user's browser through phishing techniques...
CVE-2021-42838
Grand Vice info Co. webopac7 book search field parameter does not properly restrict the input of special characters, thus unauthenticated attackers can inject JavaScript syntax remotely, and further perform reflective XSS attacks...
CVE-2021-42838
Grand Vice info Co. webopac7 book search field parameter does not properly restrict the input of special characters, thus unauthenticated attackers can inject JavaScript syntax remotely, and further perform reflective XSS attacks...
Design/Logic Flaw
Grand Vice info Co. webopac7 file upload function fails to filter special characters. While logging in with general user’s permission, remote attackers can upload malicious script and execute arbitrary code to control the system or interrupt services...
Cross site scripting
Grand Vice info Co. webopac7 book search field parameter does not properly restrict the input of special characters, thus unauthenticated attackers can inject JavaScript syntax remotely, and further perform reflective XSS attacks...
CVE-2021-42839
CVE-2021-42839 : Concrete details across multiple sources show Grand Vice info Co. webopac7 contains an arbitrary file upload vulnerability where the upload function fails to filter special characters. A remote attacker authenticated as a general user could upload a malicious script and execute a...
CVE-2021-42838
Summary: CVE-2021-42838 affects Grand Vice info Co. webopac7, where the book search field does not properly restrict special characters. Vulnerability details: Unauthenticated remote attackers can inject JavaScript syntax via the search input, enabling reflected XSS attacks. The root cause is ina...
CVE-2021-42838 Grand Vice info Co. webopac7 - Reflected XSS
Grand Vice info Co. webopac7 book search field parameter does not properly restrict the input of special characters, thus unauthenticated attackers can inject JavaScript syntax remotely, and further perform reflective XSS attacks...
欣学英资讯 webopac7 代码问题漏洞
XinXueYing Info Webopac7 is an online public access catalog of China XinXueYing Info. It is used by users to access library services over the Internet. A code issue exists in XinXueYing Information Webopac7, which is caused by the file upload function not being able to filter special characters. ...