Headline
CVE-2022-28930: SQL injection vulnerability exists in ERP-Pro system · Issue #I515R4 · Skyeye云系列/erp-pro - Gitee.com
ERP-Pro v3.7.5 was discovered to contain a SQL injection vulnerability via the component /base/SysEveMenuAuthPointMapper.xml…
SQL injection vulnerability exists in ERP-Pro system
待办的
lan
创建于
2022-04-05 17:36
Mapper.xml question code
serviceimpl question code
controoler question code
The system has only one Session Filter
filterconfig code
interceptor config
There are no filtered SQL statements in the interceptor code
interceptor code
评论 (0)
lan 创建了任务
登录 后才可以发表评论
状态
待办的
待办的
进行中
已完成
已拒绝
负责人
未设置
标签
未设置
标签管理
里程碑
未关联
未关联
Pull Requests
未关联
未关联
关联的 Pull Requests 被合并后可能会关闭此 issue
分支
未关联
分支 (1)
标签 (1)
master
2.0.0
开始日期 - 截止日期
-
置顶选项
不置顶
置顶等级:高
置顶等级:中
置顶等级:低
优先级
不指定
严重
主要
次要
不重要
参与者(1)
Related news
ERP-Pro v3.7.5 was discovered to contain a SQL injection vulnerability via the component /base/SysEveMenuAuthPointMapper.xml..
FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node can trigger an integer overflow and cause a Denial of Service (DoS) via an unusually large viewchange message packet.
FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node, via an invalid proposal with an invalid header, will cause normal nodes to stop producing new blocks and processing new clients' requests.