279 matches found
IBOS SQL注入漏洞
IBOS is a collaborative office management system. A SQL injection vulnerability exists in IBOS OA version 4.5.5, which stems from the fact that the file ?r=recruit/bgchecks/export&checkids=x causes sql injection...
PT-2023-29552 · Ibos Oa · Ibos Oa
Name of the Vulnerable Software and Affected Versions: IBOS OA version 4.5.5 Description: A critical issue has been found in IBOS OA, affecting an unknown function of the file ?r=recruit/bgchecks/export&checkids=x. This issue leads to sql injection and can be exploited remotely. The exploit has...
CVE-2023-4543
A vulnerability was found in IBOS OA 4.5.5. It has been declared as critical. This vulnerability affects unknown code of the file ?r=recruit/contact/export&contactids=x. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and...
Sql injection
A vulnerability was found in IBOS OA 4.5.5. It has been declared as critical. This vulnerability affects unknown code of the file ?r=recruit/contact/export&contactids=x. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and...
CVE-2023-4543 IBOS OA export&contactids=x sql injection
A vulnerability was found in IBOS OA 4.5.5. It has been declared as critical. This vulnerability affects unknown code of the file ?r=recruit/contact/export&contactids=x. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and...
CVE-2023-4543
The CVE-2023-4543 entry concerns IBOS OA 4.5.5 with a SQL injection in the file component identified as ?r=recruit/contact/export&contactids=x. Affected software is IBOS OA 4.5.5; underlying issue is input handling in that resource leading to unauthorized data manipulation. The vulnerability is r...
PT-2023-29550 · Ibos Oa · Ibos Oa
Name of the Vulnerable Software and Affected Versions: IBOS OA version 4.5.5 Description: A critical vulnerability was found in IBOS OA, affecting unknown code of the file ?r=recruit/contact/export&contactids=x. The manipulation leads to sql injection. The attack can be initiated remotely. The...
IBOS SQL注入漏洞
IBOS is a collaborative office management system. A SQL injection vulnerability exists in IBOS OA version 4.5.5, which stems from the fact that the file ?r=recruit/contact/export&contactids=x causes sql injection...
CVE-2023-3826
A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /?r=recruit/resume/edit&op=status of the component Interview Handler. The manipulation of the argument resumeid leads to sql injection. The attack can...
CVE-2023-3826
A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /?r=recruit/resume/edit&op=status of the component Interview Handler. The manipulation of the argument resumeid leads to sql injection. The attack can...
Sql injection
A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /?r=recruit/resume/edit&op=status of the component Interview Handler. The manipulation of the argument resumeid leads to sql injection. The attack can...
CVE-2023-3826 IBOS OA Interview edit&op=status sql injection
A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /?r=recruit/resume/edit&op=status of the component Interview Handler. The manipulation of the argument resumeid leads to sql injection. The attack can...
CVE-2023-3826
CVE-2023-3826 affects IBOS OA 4.5.5 in the Interview Handler component, via the file path /?r=recruit/resume/edit&op=status where manipulating the resumeid parameter yields a SQL injection. The issue is exploitable remotely and can impact confidentiality, integrity, and availability as described ...
PT-2023-26338 · Ibos Oa · Ibos Oa
Name of the Vulnerable Software and Affected Versions: IBOS OA version 4.5.5 Description: A critical issue has been found in the Interview Handler component, specifically in the file /api/v1/recruit/resume/edit&op=status. The manipulation of the resumeid argument leads to SQL injection. This issu...
IBOS SQL注入漏洞
IBOS is a collaborative office management system. A SQL injection vulnerability exists in IBOS OA version 4.5.5, which originates from the presence of an unknown function in the file /?r=recruit/resume/edit&op=status in the component Interview Handler, which leads to a sql injection via the...
CVE-2023-3801
A vulnerability was found in IBOS OA 4.5.5. It has been declared as critical. Affected by this vulnerability is the function actionEdit of the file ?r=officialdoc/officialdoc/edit of the component Mobile Notification Handler. The manipulation leads to sql injection. The exploit has been disclosed...
Sql injection
A vulnerability was found in IBOS OA 4.5.5. It has been declared as critical. Affected by this vulnerability is the function actionEdit of the file ?r=officialdoc/officialdoc/edit of the component Mobile Notification Handler. The manipulation leads to sql injection. The exploit has been disclosed...
CVE-2023-3801 IBOS OA Mobile Notification edit actionEdit sql injection
A vulnerability was found in IBOS OA 4.5.5. It has been declared as critical. Affected by this vulnerability is the function actionEdit of the file ?r=officialdoc/officialdoc/edit of the component Mobile Notification Handler. The manipulation leads to sql injection. The exploit has been disclosed...
CVE-2023-3801
IBOS OA 4.5.5 is affected by a SQL injection in the Mobile Notification Handler’s actionEdit function (file ?r=officialdoc/officialdoc/edit). The issue is publicly disclosed and the vendor has not responded. A practical workaround from PT Security recommends disabling the actionEdit function or r...
CVE-2023-3799
A vulnerability was found in IBOS OA 4.5.5 and classified as critical. This issue affects some unknown processing of the file ?r=article/category/del of the component Delete Category Handler. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been...