6 matches found
EUVD-2025-27119
Malicious code in bioql PyPI...
CVE-2025-10090
A flaw has been found in Jinher OA up to 1.2. The impacted element is an unknown function of the file /C6/Jhsoft.Web.departments/GetTreeDate.aspx. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be us...
CVE-2025-10090
Jinher OA contains a SQL injection vulnerability in the GetTreeDate.aspx file (parameter ID). Impact: remote attacker could execute arbitrary SQL; exploit publicly published. Affected versions: up to 1.2 per CVE context; remediation: upgrade to 1.3 or later. Temporary mitigations include restrict...
Jinher OA SQL注入漏洞
Jinher OA is a collaboration management software from China Jinher Jinher. A SQL injection vulnerability exists in Jinher OA 1.2 and earlier versions, which originates from improper handling of parameters in the /C6/Jhsoft.Web.departments/GetTreeDate.aspx file, which can lead to SQL injection...
CVE-2025-9669
A vulnerability has been found in Jinher OA 1.0. This issue affects some unknown processing of the file GetTreeDate.aspx. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used...
CVE-2025-9669
A vulnerability has been found in Jinher OA 1.0. This issue affects some unknown processing of the file GetTreeDate.aspx. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used...