6 matches found
CVE-2026-1120
A vulnerability has been found in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /worksheet/delwork.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2026-1120
A vulnerability has been found in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /worksheet/delwork.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2026-1120
A vulnerability has been found in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /worksheet/delwork.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2026-1120 Yonyou KSOA HTTP GET Parameter del_work.jsp sql injection
A vulnerability has been found in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /worksheet/delwork.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2026-1120 Yonyou KSOA HTTP GET Parameter del_work.jsp sql injection
A vulnerability has been found in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /worksheet/delwork.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2026-1120
CVE-2026-1120 affects Yonyou KSOA 9.0. The vulnerable element is the HTTP GET Parameter Handler in /worksheet/del_work.jsp; manipulating the ID parameter yields SQL injection. The issue is remotely exploitable and the exploit has been publicly disclosed. Vendors were contacted early but did not r...