11 matches found
EUVD-2020-10468
Malware in sbrugna...
EUVD-2020-10035
Malware in sbrugna...
CVE-2020-18544
SQL Injection in WMS v1.0 allows remote attackers to execute arbitrary code via the "username" parameter in the component "chkuser.php"...
CVE-2021-42897
A remote command execution RCE vulnerability was found in FeMiner wms V1.0 in /wms/src/system/datarec.php. The $POSTrname is directly passed into the $mysqlstr and is executed by exec...
CVE-2020-18106
The GET parameter "id" in WMS v1.0 is passed without filtering, which allows attackers to perform SQL injection...
Sql injection
The GET parameter "id" in WMS v1.0 is passed without filtering, which allows attackers to perform SQL injection...
CVE-2020-18106
The GET parameter "id" in WMS v1.0 is passed without filtering, which allows attackers to perform SQL injection...
CVE-2020-18544
SQL Injection in WMS v1.0 allows remote attackers to execute arbitrary code via the "username" parameter in the component "chkuser.php"...
Sql injection
SQL Injection in WMS v1.0 allows remote attackers to execute arbitrary code via the "username" parameter in the component "chkuser.php"...
CVE-2020-18544
CVE-2020-18544 affects WMS v1.0, where a SQL injection in chkuser.php via the username parameter allows remote attackers to execute arbitrary code. Root cause: improper handling of user input in the login/component path leads to SQL injection. Documented impact indicates potential arbitrary code ...
CVE-2020-18544
SQL Injection in WMS v1.0 allows remote attackers to execute arbitrary code via the "username" parameter in the component "chkuser.php"...