CVE-2022-28930: SQL injection vulnerability exists in ERP-Pro system · Issue #I515R4 · Skyeye云系列/erp-pro - Gitee.com

ERP-Pro v3.7.5 was discovered to contain a SQL injection vulnerability via the component /base/SysEveMenuAuthPointMapper.xml…


SQL injection vulnerability exists in ERP-Pro system

Status: To do

lan, created on 2022-04-05 17:36

Mapper.xml question code

serviceimpl question code

controller question code

The system has only one Session Filter
filterconfig code

interceptor config

There are no filtered SQL statements in the interceptor code

interceptor code

Related news

CVE-2022-28936: A malicious node may fake a proposal's header when he is the leader and some transactions cannot be processed · Issue #2307 · FISCO-BCOS/FISCO-BCOS

FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node can trigger an integer overflow and cause a Denial of Service (DoS) via an unusually large viewchange message packet.

CVE-2022-28937: A malicious node becomes a leader and set the view to a very large one, blocks cannot be processed · Issue #2312 · FISCO-BCOS/FISCO-BCOS

FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node, via an invalid proposal with an invalid header, will cause normal nodes to stop producing new blocks and processing new clients' requests.
