2 matches found
CVE-2025-2587
CVE-2025-2587 affects Jinher OA C6 1.0. The vulnerability is in IncentivePlanFulfillAppprove.aspx where manipulation of the httpOID parameter enables SQL injection. Attack can be initiated remotely; exploitation has been publicly disclosed. Affected component is the file IncentivePlanFulfillApppr...
CVE-2025-2587 Jinher OA C6 IncentivePlanFulfillAppprove.aspx sql injection
A vulnerability, which was classified as critical, was found in Jinher OA C6 1.0. This affects an unknown part of the file IncentivePlanFulfillAppprove.aspx. The manipulation of the argument httpOID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...