Lucene search
K

4 matches found

CNVD
CNVD
added 2016/09/21 12:0 a.m.2 views

Arbitrary File Read Vulnerability in Ninth OA System

Ninth OA system is the OA system to install, implement, learn, operate and maintain. An arbitrary file read vulnerability exists in the Jiushi OA system. It allows attackers to exploit the vulnerability to obtain sensitive information. The vulnerable URL is:...

6.9AI score
Exploits0References1
CNVD
CNVD
added 2016/09/21 12:0 a.m.1 views

SQL Injection Vulnerability in the getInfo Interface Function of Jiusi OA System

Ninth OA system is the OA system to install, implement, learn, operate and maintain. A SQL injection vulnerability exists in the Ninth OA System. The lack of filtering of the 'getInfo' parameter allows an attacker to exploit the vulnerability to obtain sensitive information about the database...

7.7AI score
Exploits0References1
CNVD
CNVD
added 2016/09/21 12:0 a.m.2 views

SQL Injection Vulnerability in the activityId Parameter of Jus OA System

Ninth OA system is the OA system to install, implement, learn, operate and maintain. There is a SQL injection vulnerability in the activityId parameter of the Ninth OA system. When Action is toNextActivity is, the activityId parameter is filtered to directly splice SQL statements, resulting in SQ...

8.1AI score
Exploits0References1
CNVD
CNVD
added 2016/09/21 12:0 a.m.2 views

XXE Vulnerability in Ninth OA System

Ninth OA system is the OA system to install, implement, learn, operate and maintain. Ninth OA system DocumentBuilder db = ex.newDocumentBuilder; Document doc = db.parserequest.getInputStream; XXE vulnerability exists. An attacker can read arbitrary files on the server and obtain sensitive...

6.7AI score
Exploits0References1
Rows per page
Query Builder