Lucene search
K

125 matches found

Positive Technologies
Positive Technologies
added 2025/04/08 12:0 a.m.4 views

PT-2025-15310 · Unknown · Hailey888 Oa System

Name of the Vulnerable Software and Affected Versions: hailey888 oa system versions up to 2025.01.01 Description: A vulnerability was found in the hailey888 oa system, affecting the function addandchangeday of the file cn/gson/oass/controller/daymanager/DaymanageController.java of the component...

6.1CVSS3.5AI score0.00277EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/04/08 12:0 a.m.8 views

PT-2025-15312 · Unknown · Hailey888 Oa System

Name of the Vulnerable Software and Affected Versions: hailey888 oa system versions up to 2025.01.01 Description: A vulnerability was found in the hailey888 oa system, classified as problematic. The issue affects the function Save of the file cn/gson/oasys/controller/mail/MailController.java of t...

6.1CVSS3.7AI score0.00277EPSS
Exploits1References9
Cvelist
Cvelist
added 2025/04/07 11:0 p.m.35 views

CVE-2025-3388 hailey888 oa_system Frontend LoginsController.java loginCheck cross site scripting

A vulnerability classified as problematic was found in hailey888 oasystem up to 2025.01.01. This vulnerability affects the function loginCheck of the file cn/gson/oasys/controller/login/LoginsController.java of the component Frontend. The manipulation of the argument Username leads to cross site...

5.3CVSS0.00372EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/04/07 12:0 a.m.3 views

oa_system 安全漏洞

oasystem is a hailey individual developer's application for the day-to-day operation and management of organizations, used by employees and managers. A security vulnerability exists in oasystem version 2025.01.01 and earlier, which stems from an incorrect manipulation of the parameter menu can le...

6.1CVSS4.3AI score0.00277EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/04/07 12:0 a.m.4 views

PT-2025-15307 · Unknown · Hailey888 Oa System

Name of the Vulnerable Software and Affected Versions: hailey888 oa system up to 2025.01.01 Description: A vulnerability was found in hailey888 oa system, affecting the function loginCheck of the file cn/gson/oasys/controller/login/LoginsController.java of the component Frontend. The manipulation...

6.1CVSS4.2AI score0.00372EPSS
Exploits1References11
CNNVD
CNNVD
added 2025/04/07 12:0 a.m.3 views

oa_system 安全漏洞

oasystem is a hailey individual developer's application for the day-to-day operation and management of organizations, used by employees and managers. A security vulnerability exists in oasystem version 2025.01.01 and earlier, which stems from an incorrect manipulation of the parameter scheduleLis...

6.1CVSS4.3AI score0.00277EPSS
Exploits1References1
CNVD
CNVD
added 2024/12/18 12:0 a.m.9 views

SQL Injection Vulnerability in OA System of Jiangsu Wave Information Consulting Co.

Jiangsu Wave Information Consulting Co. A SQL injection vulnerability exists in the OA system of Jiangsu Wave Information Consulting Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...

7.5AI score
Exploits0
CNVD
CNVD
added 2022/11/08 12:0 a.m.47 views

SQL Injection Vulnerability in Huatian Power OA System

Huatian Power OA system is a collaborative office software developed by Dalian Huatian Software Co. The Huatian Power OA system suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

7.4AI score
Exploits0
CNVD
CNVD
added 2022/10/31 12:0 a.m.27 views

File Upload Vulnerability in Huatian Power OA System (CNVD-2022-83472)

Huatian Power OA system is a collaborative office software developed by Dalian Huatian Software Co. A file upload vulnerability exists in the Huatian Power OA system, which can be exploited by an attacker to upload arbitrary files...

7.1AI score
Exploits0
CNVD
CNVD
added 2022/08/02 12:0 a.m.20 views

Huatian Power OA system arbitrary file upload vulnerability

Huatian Dynamics OA System is a collaborative office software developed by Dalian Huatian Software Co. There is an arbitrary file upload vulnerability in Huatian Power OA system, which can be exploited by attackers to upload arbitrary files to the server...

5.2AI score
Exploits0References1
CNVD
CNVD
added 2022/07/06 12:0 a.m.25 views

Cybozu Garoon License Issue Vulnerability (CNVD-2022-69536)

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. An authorization issue vulnerability exists in Cybozu Garoon. The vulnerability stems from improper privilege...

8.1CVSS8.1AI score0.01049EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/18 12:0 a.m.24 views

Cybozu Garoon Operation Limit Bypass Vulnerability (CNVD-2022-53805)

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. Cybozu Garoon suffers from an Operation Restriction Bypass vulnerability that originates from improper privilege...

4.3CVSS4.9AI score0.00718EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/18 12:0 a.m.33 views

Cybozu Garoon Information Disclosure Vulnerability (CNVD-2022-54342)

Cybozu Garoon is a portal-based OA office system from Cybozu Japan. The system provides portal, E-mail, bookmark, scheduler, bulletin board, document management, etc. Cybozu Garoon is vulnerable to an information disclosure vulnerability, which is caused by excessive data output from the...

4.3CVSS2.3AI score0.00774EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/18 12:0 a.m.26 views

Cybozu Garoon Operation Limit Bypass Vulnerability (CNVD-2022-54299)

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. Cybozu Garoon suffers from an Operation Restriction Bypass vulnerability that originates from improper privilege...

4.3CVSS4.9AI score0.00718EPSS
Exploits0References1
CNVD
CNVD
added 2022/03/31 12:0 a.m.14 views

oasys SQL Injection Vulnerability

oasys is an OA office automation system. oasys is vulnerable to SQL injection, and no details of the vulnerability are currently available...

6.5CVSS2.5AI score0.0108EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/03/30 9:15 p.m.3 views

CVE-2021-40644

An SQL Injection vulnerability exists in oasys oasystem as of 9/7/2021 in resources/mappers/notice-mapper.xml...

6.5CVSS6.7AI score0.0108EPSS
Exploits1References3
CNVD
CNVD
added 2021/08/03 12:0 a.m.19 views

Cybozu Garoon Full Text Search Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in Full Text Search in Cybozu Garoon, a portal-based OA system from Cybozu Japan. An attacker can use this vulnerability to execute arbitrary scripts on a logged-in user's Web browser...

5.4CVSS3.2AI score0.00608EPSS
Exploits0References1
CNVD
CNVD
added 2021/08/03 12:0 a.m.24 views

Cybozu Garoon Message Cross-Site Request Forgery Vulnerability

A cross-site request forgery vulnerability exists in Message in Cybozu Garoon, a portal-based OA system from Cybozu Japan. An attacker could use this vulnerability to trick users into performing unintended actions...

8CVSS4AI score0.00488EPSS
Exploits0References1
CNVD
CNVD
added 2021/06/25 12:0 a.m.21 views

OA System Logic Flaw Vulnerability of Shenzhen Lanling Software Co.

Founded in 2001, Shenzhen Lanling Software Co., Ltd. is a leader in ecological OA and a professional service provider of digital work. There is a logic flaw vulnerability in the OA system of Shenzhen Lanling Software Co., Ltd, which can be exploited by attackers to obtain sensitive information...

6.8AI score
Exploits0
CNVD
CNVD
added 2021/05/31 12:0 a.m.3 views

SQL Injection Vulnerability in OA System of Xi'an Qilai Software Technology Co.

Huatian Synergy is China's collaborative management software provider, collaborative oa management software industry implementation success rate brand, is the domestic focus on collaborative software development and application of the main software vendors. There is a SQL injection vulnerability ...

7.4AI score
Exploits0
Rows per page
Query Builder