CVE-2025-3402 Seeyon Zhiyuan Interconnect FE Collaborative Office Platform check.js%70 sql injection

A vulnerability was found in Seeyon Zhiyuan Interconnect FE Collaborative Office Platform 5.5.2 and classified as critical. This issue affects some unknown processing of the file /sysform/042/check.js%70. The manipulation of the argument Name leads to sql injection. The attack may be initiated...

CVE-2025-3402

Vulnerability CVE-2025-3402 affects Seeyon Zhiyuan Interconnect FE Collaborative Office Platform 5.5.2. The issue arises from improper handling of the Name argument in the file /sysform/042/check.js70, enabling SQL injection. A remote attacker could exploit this, with exploitation publicly disclo...

CVE-2025-2030

A vulnerability was found in Seeyon Zhiyuan Interconnect FE Collaborative Office Platform up to 20250224. It has been rated as critical. Affected by this issue is some unknown functionality of the file /security/addUser.jsp. The manipulation of the argument groupId leads to sql injection. The...

CVE-2025-2030 Seeyon Zhiyuan Interconnect FE Collaborative Office Platform addUser.jsp sql injection

A vulnerability was found in Seeyon Zhiyuan Interconnect FE Collaborative Office Platform up to 20250224. It has been rated as critical. Affected by this issue is some unknown functionality of the file /security/addUser.jsp. The manipulation of the argument groupId leads to sql injection. The...

DzzOffice Cross-Site Scripting Vulnerability (CNVD-2024-15545)

DzzOffice is a platform that provides online collaborative office suite functionality from the American company Big Desk DzzOffice. The platform can be used to provide online documents, forms, webstores, presentations and other features. A cross-site scripting vulnerability exists in dzzoffice...

Huatian Power OA suffers from XML Entity Injection Vulnerability

Huatian Power OA belongs to Dalian Huatian Software Co., Ltd. and is collaborative office software OA. An XML entity injection vulnerability exists in Huatian Power OA, which can be exploited by attackers to obtain sensitive information...

IBOS Command Injection Vulnerability

IBOS is a collaborative office management system. A command injection vulnerability exists in ibos IBOS, which stems from a command injection vulnerability in database backup in IBOS 4.5.4 Open version. An attacker can exploit this vulnerability to gain server control privileges...

SQL Injection Vulnerability in Huatian Power OA Office System

Huatian Power OA8000 system is a collaborative office software developed by Dalian Huatian Software Co. The Huatian Power OA8000 system suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information...

JC6 Collaborative OA Platform has SQL Injection Vulnerability

JC6 collaborative OA platform is a J2EE framework-based collaborative office platform developed by Beijing Jinhe Software Co. There is a SQL injection vulnerability in JC6 Collaborative OA Platform. Attackers can use the vulnerability to obtain sensitive database information...

loolforkit Security Vulnerabilities

Loolforkit is a Global Loolforkit open source application that provides a cloud-based office suite based on collaborative editing. A security vulnerability exists in loolforkit, which can be exploited by an attacker to gain local root privileges...

Information Leakage Vulnerability in Collaborative Office Management Platform of Quanta Technology Co.

Quanta Technology Co., Ltd. is a digital construction platform service provider that provides more than one hundred products/services based on "end+cloud+big data" and value-added services such as industrial big data and industrial new finance, with the core support of professional applications i...

File Upload Vulnerability in Panavision OA Collaboration Office System

Panmicro Collaborative Management Application Platform e-cology is a collaborative business platform with enterprise information portal, knowledge management, data center, workflow management, human resource management, customer and partner management, project management, financial management, an...

Unauthorized Access Vulnerability in Collaborative Office System of Yunnan Ruoshui Network Technology Co.

Yunnan Ruoshui Network Technology Co., Ltd. is an Internet service company. An unauthorized access vulnerability exists in the collaborative office system of Yunnan Ruoshui Network Technology Co. An attacker can obtain sensitive information of website users by brute force cracking...

JC6 Collaborative OA platform has xml entity injection vulnerability

JC6 collaborative OA platform is a collaborative office platform based on the J2EE framework. JC6 collaborative OA platform xml entity injection vulnerability, an attacker can use the vulnerability to read arbitrary files...

SQL Injection Vulnerability in Collaborative Office Management Platform of Beijing Lianda Power Information Technology Development Co.

Beijing Lianda Power Information Technology Development Co., Ltd. collaborative office management platform is an automated system for office information processing. A SQL injection vulnerability exists in the Collaborative Office Management Platform of Beijing Lianda Power Information Technology...

Cross-site Scripting Vulnerability in Tonglian Da3 Collaboration Office Platform

Tonglian Da3 cooperative office platform is a series of Da3 management software products provided by Tonglian for governmental units at all levels, focusing on "mobile government office". There is a cross-site scripting vulnerability in the Da3 collaborative office platform, which can be exploite...

SQL Injection Vulnerability in VOA (Pengwei) System RelationID Parameter

Shenzhen Pengwei Information Technology Co., Ltd VOA collaborative office platform is a kind of asp development OA system. VOA Pengwei system relationID parameter exists SQL injection vulnerability, the vulnerability URL is...

Thousand OA collaborative office management platform govdocumentmanager_judge. jsp numId parameter sql injection vulnerability

No description provided by source...

Thousand OA collaborative office management platform GovReceiveFileAction. do RecordID parameter id injection vulnerability

No description provided by source...

用友FE协作办公系统 /cooperate/traceNodes.jsp 文件 model_GUID 参数SQL注入漏洞

No description provided by source...