23 matches found
RockOA 代码问题漏洞
RockOA Xinhuo is an open source office OA system . RockOA 2.3.2 version of the code problem vulnerability , the vulnerability stems from the file acloudCosAction.php.SQL function runAction has problems with the operation of the parameter fileid will lead to unrestricted uploads...
RockOA SQL注入漏洞
RockOA Xinhuo is an open source office OA system. Rockoa v1.8.7 version of the existence of SQL injection vulnerability , the vulnerability customerAction.php in the filtering parameter does not do effective filtering of user input , a remote attacker through the injection of SQL statements to...
SQL Injection Vulnerability in Xinhuo OA Office System (CNVD-2020-73398)
Xinhu OA office system is an open source online office system. SQL injection vulnerability exists in Xinhuo OA Office System. An attacker can exploit the vulnerability to obtain sensitive information in the database...
SQL Injection Vulnerability in Ac***.php File of Xinhuo OA Office System
Xinhu OA office system is an open source online office system. The Ac.php file of Xinhao OA Office System has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...
XSS Vulnerability in Xinhuo OA Office System
Xinhu OA office system is an open source online office system. XSS vulnerability exists in Xinhuo OA Office System, which can be exploited by attackers to obtain administrator cookies...
SQL Injection Vulnerability in Xinhuo OA Office System
Xinhu OA office system is an open source and cross-platform office system. SQL injection vulnerability exists in Xinhao OA Office System, which can be exploited by attackers to obtain sensitive information from the database...
SQL Injection Vulnerability in Xinhou Collaboration Office System (CNVD-2020-23543)
Xinhuo Co-operation Office System is an open source and cross-platform office system. There is a SQL injection vulnerability in Xinhao Collaboration Office System, which can be exploited by attackers to obtain sensitive information from the database...
SQL Injection Vulnerability in Letter Call OA System (CNVD-2019-23864)
Xinhuo Co-operation Office System is an open source and cross-platform office system. SQL injection vulnerability exists in Xinhao OA system, which can be exploited by attackers to obtain sensitive information from the database...
Directory Traversal Vulnerability in Xinhuo Co-ordination Office System Backend
Xinhuo Co-operation Office System is an open source and cross-platform office system. There is a directory traversal vulnerability in the background of the Xinhao Collaboration Office System, an attacker logging in to the system by modifying the file path when downloading files can traverse the...
SQL Injection Vulnerability in Xinhuooa System
Xinhuo Co-operation Office System is an open source and cross-platform office system. SQL injection vulnerability exists in Xinhuo OA system, attackers can use the vulnerability to obtain sensitive information in the database...
SQL Injection Vulnerability in Xinhuo Collaboration Office System
Xinhuo Co-operation Office System is an open source and cross-platform office system. SQL injection vulnerability exists in Xinhao Collaboration Office System, which can be exploited by attackers to obtain sensitive information in the database...
SQL Injection Vulnerability in Xinhuo Collaboration Office System ka***/ka***.php
Xinhuo Co-operation Office System is an office system based on php and mysql development. SQL injection vulnerability exists in ka/ka.php, which can be exploited by attackers to obtain sensitive information from the database...
SQL Injection Vulnerability in Xinhuo Collaboration Office System we***/mo***/wo***.php
Xinhuo Co-operation Office System is an office system based on php and mysql development. SQL injection vulnerability exists in we/mo/wo.php, which can be exploited by attackers to obtain sensitive database information...
SQL Injection Vulnerability in Xinhuo Collaboration Office System cu***/cu***.php
Xinhuo Co-operation Office System is an office system based on php and mysql development. SQL injection vulnerability exists in cu/cu.php, which can be exploited by attackers to obtain sensitive information from the database...
SQL Injection Vulnerability in Xinhuo Collaboration Office v1.8.2
Xinhuo Co-operation Office System is an open source and cross-platform office system. A SQL injection vulnerability exists in Xinhao Collaboration Office v1.8.2. An attacker can exploit the vulnerability to obtain sensitive information in the database...
Xinhuo Collaboration Office v1.7.8 has an arbitrary file download vulnerability
Xinhuo Co-operation Office System is an open source and cross-platform office system. Xinhao Collaboration Office System v1.7.8 has an arbitrary file download vulnerability, which can be exploited by attackers to download sensitive files...
Xinhuo open source OA office system v1.7.8 version of the existence of ultra vires access vulnerability
Xinhuo Co-operation Office System is an open source and cross-platform office system. Xinhuo open source OA office system v1.7.8 version of the existence of ultra-rights access vulnerability , attackers can exploit the vulnerability to view sensitive information...
Letter call - open source OA office system SQL injection vulnerability
Xinhuo Co-operation Office System is an open source and cross-platform office system. A SQL injection vulnerability exists in Xinhao Collaboration Office v1.7.6, which can be exploited by attackers to obtain sensitive database information...
Letter Call - Open Source OA Office System Arbitrary File Deletion Vulnerability
Xinhuo Co-operation Office System is an open source and cross-platform office system. Xinhao Collaboration Office v1.7.6 has an arbitrary file deletion vulnerability, which can be exploited by attackers to delete arbitrary files...
SQL Injection Vulnerability in Xinhuo Collaboration Office v1.6.5
Xinhuo coworking system is an open source office system, cross-platform system, support APP, pc web version, pc client and so on. SQL injection vulnerability exists in Xinhao Co-operation Office System v1.6.5, attackers can use the vulnerability to obtain database sensitive information...