CVE-2026-1133

A vulnerability was determined in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /kmf/folder.jsp of the component HTTP GET Parameter Handler. Executing a manipulation of the argument folderid can lead to sql injection. The attack can be launched remotely. The exploit has...

CVE-2026-1133

CVE-2026-1133 affects Yonyou KSOA 9.0. The vulnerable element is the HTTP GET Parameter Handler in the file /kmf/folder.jsp; manipulating the directory parameter folderid enables an SQL injection. The attack surface is remote, and the vulnerability has been publicly disclosed. Multiple connected ...

PT-2026-3419

Name of the Vulnerable Software and Affected Versions Yonyou KSOA version 9.0 Description A flaw exists in Yonyou KSOA 9.0 related to the HTTP GET Parameter Handler. Specifically, manipulating the folderid argument in the /kmf/folder.jsp file can result in SQL injection. This issue is exploitable...

PT-2026-3415

Name of the Vulnerable Software and Affected Versions Yonyou KSOA version 9.0 Description A flaw exists in Yonyou KSOA 9.0 related to the HTTP GET Parameter Handler component and the /kmf/edit folder.jsp file. Manipulation of the folderid argument can lead to SQL injection. This issue is remotely...