6 matches found
CVE-2026-11412
A weakness has been identified in Jinher OA C6. The affected element is an unknown function of the file /C6/JHSoft.Web.ModuleCount/GetFormSn.aspx. Executing a manipulation of the argument queryID can lead to sql injection. The attack may be performed from remote. The exploit has been made availab...
SQL Injection Vulnerability in Kaixin Helpdesk System PC***_ad***.aspx
The Kairos Helpdesk System is a system for dealing with day-to-day issues. A SQL injection vulnerability exists in the Qixing Helpdesk System PCad.aspx, which can be exploited by attackers to obtain sensitive information...
SQL Injection Vulnerability in Se***.aspx Page of Qixing Conference Booking System
Qixing Meeting Booking System is a meeting booking system that prevents meeting conflicts and allows you to view the utilization rate of each meeting room in order to optimize the configuration of the meeting room. A SQL injection vulnerability exists in the Se.aspx page of the Qixing Meeting...
SQL Injection Vulnerability in Lo***.aspx Page of Integrated Water Supply Management Platform
Wuhan Jinshuilai Technology Development Co., Ltd. is a high-tech enterprise specializing in water management informationization, automation and intelligent construction. There is a SQL injection vulnerability in the Lo.aspx page of the integrated water management platform, which can be exploited ...
Design/Logic Flaw
Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.2 before SP2 Site CU 22 allows remote attackers to call aspx pages via the "activateuser.aspx" page, even if a page is located under the /WorkArea/ path, which is forbidden normally available exclusively for local...
SQL Injection Vulnerability in Netqi CMS Web Management System 6.0
Netqi CMS website management system is a set of CMS system developed by Netqi, this system is developed using ASP.NET kernel. The system's ip/ajax.apsx page has an SQL injection vulnerability that allows arbitrary users to obtain database information...