2 matches found
CVE-2026-1121 Yonyou KSOA HTTP GET Parameter del_workplan.jsp sql injection
A vulnerability was found in Yonyou KSOA 9.0. This affects an unknown function of the file /worksheet/delworkplan.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made public an...
PT-2026-3389
Name of the Vulnerable Software and Affected Versions Yonyou KSOA version 9.0 Description A flaw exists in Yonyou KSOA 9.0 related to the HTTP GET Parameter Handler component and the file /worksheet/del workplan.jsp. Specifically, manipulating the ID argument can lead to a SQL injection condition...