赛蓝企业管理系统 GetJSFile 任意文件读取漏洞

暂无

泛微e-cology9 /services/WorkPlanService 前台SQL注入漏洞

暂无

飞讯云 WMS /MyDown/MyImportData 前台SQL注入

暂无

帆软报表 /view/ReportServer 远程代码执行漏洞(QVD-2024-27261)

帆软工具软件存在0day漏洞，访问URL:/webroot/decision/view/ReportServer?test\=&n\=，可执行GET参数n中的SQL语句。经与帆软确认，该漏洞是由于帆软自带的sqlite\-jdbc\-x.x.x.x.jar驱动导致。

Twilio Authy Information Disclosure Vulnerability

Twilio Authy contains an information disclosure vulnerability in its API that allows an unauthenticated endpoint to accept a request containing a phone number and respond with information about whether the phone number was registered with Authy.