📦 Docsys

This SQL injection vulnerability in RainyGao DocSys allows attackers to manipulate database queries via the Username parameter. Remote attackers can potentially access, modify, or delete sensitive dat...

This CVE describes a SQL injection vulnerability in RainyGao DocSys document management system up to version 2.02.36. Attackers can exploit this remotely by manipulating the searchWord parameter, pote...

This CVE describes a SQL injection vulnerability in RainyGao DocSys up to version 2.02.36. Attackers can remotely exploit this by manipulating the searchWord parameter in GroupMemberMapper.xml, potent...

This CVE describes a path traversal vulnerability in RainyGao DocSys up to version 2.02.36. Attackers can remotely manipulate the 'path' parameter in the /Doc/deleteDoc.do endpoint to delete arbitrary...

This CVE describes a path traversal vulnerability in RainyGao DocSys up to version 2.02.36. Attackers can remotely exploit the file upload function to write arbitrary files to unintended directories, ...

This SQL injection vulnerability in RainyGao DocSys allows attackers to execute arbitrary SQL commands through the getUserList function. It affects all versions up to 2.02.36 and can be exploited remo...