125 matches found
PT-2025-15310 · Unknown · Hailey888 Oa System
Name of the Vulnerable Software and Affected Versions: hailey888 oa system versions up to 2025.01.01 Description: A vulnerability was found in the hailey888 oa system, affecting the function addandchangeday of the file cn/gson/oass/controller/daymanager/DaymanageController.java of the component...
PT-2025-15312 · Unknown · Hailey888 Oa System
Name of the Vulnerable Software and Affected Versions: hailey888 oa system versions up to 2025.01.01 Description: A vulnerability was found in the hailey888 oa system, classified as problematic. The issue affects the function Save of the file cn/gson/oasys/controller/mail/MailController.java of t...
CVE-2025-3388 hailey888 oa_system Frontend LoginsController.java loginCheck cross site scripting
A vulnerability classified as problematic was found in hailey888 oasystem up to 2025.01.01. This vulnerability affects the function loginCheck of the file cn/gson/oasys/controller/login/LoginsController.java of the component Frontend. The manipulation of the argument Username leads to cross site...
oa_system 安全漏洞
oasystem is a hailey individual developer's application for the day-to-day operation and management of organizations, used by employees and managers. A security vulnerability exists in oasystem version 2025.01.01 and earlier, which stems from an incorrect manipulation of the parameter menu can le...
PT-2025-15307 · Unknown · Hailey888 Oa System
Name of the Vulnerable Software and Affected Versions: hailey888 oa system up to 2025.01.01 Description: A vulnerability was found in hailey888 oa system, affecting the function loginCheck of the file cn/gson/oasys/controller/login/LoginsController.java of the component Frontend. The manipulation...
oa_system 安全漏洞
oasystem is a hailey individual developer's application for the day-to-day operation and management of organizations, used by employees and managers. A security vulnerability exists in oasystem version 2025.01.01 and earlier, which stems from an incorrect manipulation of the parameter scheduleLis...
SQL Injection Vulnerability in OA System of Jiangsu Wave Information Consulting Co.
Jiangsu Wave Information Consulting Co. A SQL injection vulnerability exists in the OA system of Jiangsu Wave Information Consulting Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...
SQL Injection Vulnerability in Huatian Power OA System
Huatian Power OA system is a collaborative office software developed by Dalian Huatian Software Co. The Huatian Power OA system suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...
File Upload Vulnerability in Huatian Power OA System (CNVD-2022-83472)
Huatian Power OA system is a collaborative office software developed by Dalian Huatian Software Co. A file upload vulnerability exists in the Huatian Power OA system, which can be exploited by an attacker to upload arbitrary files...
Huatian Power OA system arbitrary file upload vulnerability
Huatian Dynamics OA System is a collaborative office software developed by Dalian Huatian Software Co. There is an arbitrary file upload vulnerability in Huatian Power OA system, which can be exploited by attackers to upload arbitrary files to the server...
Cybozu Garoon License Issue Vulnerability (CNVD-2022-69536)
Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. An authorization issue vulnerability exists in Cybozu Garoon. The vulnerability stems from improper privilege...
Cybozu Garoon Operation Limit Bypass Vulnerability (CNVD-2022-53805)
Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. Cybozu Garoon suffers from an Operation Restriction Bypass vulnerability that originates from improper privilege...
Cybozu Garoon Information Disclosure Vulnerability (CNVD-2022-54342)
Cybozu Garoon is a portal-based OA office system from Cybozu Japan. The system provides portal, E-mail, bookmark, scheduler, bulletin board, document management, etc. Cybozu Garoon is vulnerable to an information disclosure vulnerability, which is caused by excessive data output from the...
Cybozu Garoon Operation Limit Bypass Vulnerability (CNVD-2022-54299)
Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. Cybozu Garoon suffers from an Operation Restriction Bypass vulnerability that originates from improper privilege...
oasys SQL Injection Vulnerability
oasys is an OA office automation system. oasys is vulnerable to SQL injection, and no details of the vulnerability are currently available...
CVE-2021-40644
An SQL Injection vulnerability exists in oasys oasystem as of 9/7/2021 in resources/mappers/notice-mapper.xml...
Cybozu Garoon Full Text Search Cross-Site Scripting Vulnerability
A cross-site scripting vulnerability exists in Full Text Search in Cybozu Garoon, a portal-based OA system from Cybozu Japan. An attacker can use this vulnerability to execute arbitrary scripts on a logged-in user's Web browser...
Cybozu Garoon Message Cross-Site Request Forgery Vulnerability
A cross-site request forgery vulnerability exists in Message in Cybozu Garoon, a portal-based OA system from Cybozu Japan. An attacker could use this vulnerability to trick users into performing unintended actions...
OA System Logic Flaw Vulnerability of Shenzhen Lanling Software Co.
Founded in 2001, Shenzhen Lanling Software Co., Ltd. is a leader in ecological OA and a professional service provider of digital work. There is a logic flaw vulnerability in the OA system of Shenzhen Lanling Software Co., Ltd, which can be exploited by attackers to obtain sensitive information...
SQL Injection Vulnerability in OA System of Xi'an Qilai Software Technology Co.
Huatian Synergy is China's collaborative management software provider, collaborative oa management software industry implementation success rate brand, is the domestic focus on collaborative software development and application of the main software vendors. There is a SQL injection vulnerability ...