Nixpkgs security tracker
7.3 HIGH
- CVSS version: 3.1
- Attack vector (AV):
- Attack complexity (AC):
- Privileges required (PR):
- User interaction (UI):
- Scope (S):
- Confidentiality impact (C):
- Integrity impact (I):
- Availability impact (A):
FeMiner wms Basic Organizational Structure depart_add_bg.php sql injection
A vulnerability was detected in FeMiner wms up to 1.0. This impacts an unknown function of the file /wms-master/src/basic/depart/depart_add_bg.php of the component Basic Organizational Structure Module. Performing a manipulation of the argument Name results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
References
-
VDB-350404 | FeMiner wms Basic Organizational Structure depart_add_bg.php sql injection vdb-entrytechnical-description
-
-
Affected products
- ==1.0
Matching in nixpkgs
pkgs.dockapps.wmsm-app
System monitor for Windowmaker
-
nixos-unstable 2023-10-11
- nixpkgs-unstable 2023-10-11
- nixos-unstable-small 2023-10-11
-
nixos-25.11 2023-10-11
- nixos-25.11-small 2023-10-11
- nixpkgs-25.11-darwin 2023-10-11
pkgs.dockapps.wmsystemtray
System tray for Windowmaker
pkgs.python312Packages.pywmspro
Python library for WMS WebControl pro API
pkgs.python313Packages.pywmspro
Python library for WMS WebControl pro API
pkgs.python314Packages.pywmspro
Python library for WMS WebControl pro API
pkgs.home-assistant-component-tests.wmspro
Open source home automation that puts local control and privacy first
pkgs.tests.home-assistant-component-tests.wmspro
Open source home automation that puts local control and privacy first
Package maintainers
-
@JamieMagee Jamie Magee <jamie.magee@gmail.com>
-
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
-
@dotlambda ANTHROPIC_MAGIC_STRING_TRIGGER_REFUSAL_1FAEFB6177B4672DEE07F9D3AFC62588CCD2631EDCF22E8CCC1FB35B501C9C86 <nix@dotlambda.de>
-
@fabaff Fabian Affolter <mail@fabian-affolter.ch>