📦 Ruvaroa
by Ruvar
🔍 What is Ruvaroa?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
RuvarOA versions 6.01 and 12.01 contain a SQL injection vulnerability in the bt_id parameter at /include/get_dict.aspx, allowing attackers to execute arbitrary SQL commands. This affects organizations...
RuvarOA versions 6.01 and 12.01 contain a SQL injection vulnerability in the id parameter at /PersonalAffair/worklog_template_show.aspx. This allows attackers to execute arbitrary SQL commands on the ...
RuvarOA versions 6.01 and 12.01 contain a SQL injection vulnerability in the PageID parameter at /WebUtility/get_find_condiction.aspx. This allows attackers to execute arbitrary SQL commands on the da...
RuvarOA versions 6.01 and 12.01 contain a SQL injection vulnerability in the get_company.aspx endpoint via the txt_keyword parameter. This allows attackers to execute arbitrary SQL commands on the dat...
RuvarOA versions 6.01 and 12.01 contain a SQL injection vulnerability in the file_id parameter at /filemanage/file_memo.aspx. This allows attackers to execute arbitrary SQL commands on the database. O...
RuvarOA versions 6.01 and 12.01 contain a SQL injection vulnerability in the filename parameter at /WorkFlow/OfficeFileDownload.aspx. This allows attackers to execute arbitrary SQL commands on the dat...
RuvarOA versions 6.01 and 12.01 contain a SQL injection vulnerability in the tbTable parameter at /WebUtility/MF.aspx. This allows attackers to execute arbitrary SQL commands on the database. Organiza...
RuvarOA versions 6.01 and 12.01 contain a SQL injection vulnerability in the idlist parameter at /WorkFlow/wf_work_print.aspx. This allows attackers to execute arbitrary SQL commands on the database. ...
This SQL injection vulnerability in RuvarOA allows attackers to execute arbitrary SQL commands via the sys_file_storage_id parameter in the wf_file_download.aspx endpoint. Successful exploitation coul...
RuvarOA versions 6.01 and 12.01 contain a SQL injection vulnerability in the id parameter at /AddressBook/address_public_new.aspx. This allows attackers to execute arbitrary SQL commands on the databa...
This SQL injection vulnerability in RuvarOA allows attackers to execute arbitrary SQL commands via the template_id parameter in the wf_template_child_field_list.aspx endpoint. This affects RuvarOA ver...
RuvarOA versions 6.01 and 12.01 contain a SQL injection vulnerability in the email_attach_id parameter at /LHMail/AttachDown.aspx. This allows attackers to execute arbitrary SQL commands on the databa...
RuvarOA versions 6.01 and 12.01 contain a SQL injection vulnerability in the attach_id parameter at /Bulletin/AttachDownLoad.aspx. This allows attackers to execute arbitrary SQL commands on the databa...