信呼 Rockoa Xinhu SQL注入漏洞

Rockoa Xinhu is a Php-based office OA system from China Xinhu Rockoa. A SQL injection vulnerability exists in Xinhu OA System v1.8.3, which allows remote attackers to obtain sensitive information by injecting arbitrary commands into the "createfolderAjax" function of the "mode worcAction.php"...