Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Oceanic Software ValeApp allows SQL Injection.This issue affects ValeApp: before v2.0.0.

A vulnerability, which was classified as critical, has been found in HuankeMao SCRM up to 0.0.3. Affected by this issue is the function upload_domain_verification_file of the file WxkConfig.php of the component Administrator Backend. The manipulation of the argument domain_verification_file leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

A vulnerability classified as problematic was found in Langflow up to 1.0.18. Affected by this vulnerability is an unknown functionality of the file \src\backend\base\langflow\interface\utils.py of the component HTTP POST Request Handler. The manipulation of the argument remaining_text leads to inefficient regular expression complexity. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as problematic has been found in TMsoft MyAuth Gateway 3. Affected is an unknown function of the file /index.php. The manipulation of the argument console/nocache/cmd leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in jeanmarc77 123solar up to 1.8.4.5. It has been rated as critical. This issue affects some unknown processing of the file /admin/admin_invt2.php. The manipulation of the argument PROTOCOLx leads to file inclusion. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Access permission verification vulnerability in the App Multiplier module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability.

Out-of-bounds write vulnerability in the HAL-WIFI module Impact: Successful exploitation of this vulnerability may affect availability.

Path traversal vulnerability in the Bluetooth module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability.