36 matches found
CVE-2026-1133
CVE-2026-1133 affects Yonyou KSOA 9.0. The vulnerable element is the HTTP GET Parameter Handler in the file /kmf/folder.jsp; manipulating the directory parameter folderid enables an SQL injection. The attack surface is remote, and the vulnerability has been publicly disclosed. Multiple connected ...
CVE-2026-1132 Yonyou KSOA HTTP GET Parameter edit_folder.jsp sql injection
A vulnerability was found in Yonyou KSOA 9.0. The affected element is an unknown function of the file /kmf/editfolder.jsp of the component HTTP GET Parameter Handler. Performing a manipulation of the argument folderid results in sql injection. The attack can be initiated remotely. The exploit has...
CVE-2026-1132
CVE-2026-1132 affects Yonyou KSOA 9.0. The vulnerability lies in the HTTP GET Parameter Handler, specifically the /kmf/edit_folder.jsp file, where manipulating the folderid argument enables SQL injection. The exploit appears to be public and exploitable remotely; there is no vendor response or co...
PT-2026-3511
Name of the Vulnerable Software and Affected Versions Yonyou KSOA version 9.0 Description A security issue exists in Yonyou KSOA 9.0 related to the HTTP GET Parameter Handler component. The vulnerability is located in the /kmf/select.jsp file. Manipulation of the folderid parameter can lead to a...
Yonyou KSOA SQL injection vulnerability
Yonyou KSOA is an enterprise-level management software developed by Yonyou Corporation in China. Version 9.0 of Yonyou KSOA contains a SQL injection vulnerability, which stems from incorrect handling of the folderid parameter in the file/kmf/folder.jsp, potentially leading to SQL injection attack...
Yonyou KSOA SQL injection vulnerability
Yonyou KSOA is an enterprise-level management software developed by Yonyou Corporation in China. Version 9.0 of Yonyou KSOA contains a SQL injection vulnerability, which stems from incorrect handling of the folderid parameter in the file/kmf/select.jsp, potentially leading to SQL injection attack...
Yonyou KSOA SQL injection vulnerability
Yonyou KSOA is an enterprise-level management software developed by Yonyou Corporation in China. Version 9.0 of Yonyou KSOA contains a SQL injection vulnerability, which stems from incorrect handling of the folderid parameter in the file/kmf/editfolder.jsp. This vulnerability may lead to SQL...
Yonyou KSOA SQL injection vulnerability
Yonyou KSOA is an enterprise-level management software developed by Yonyou Corporation in China. Version 9.0 of Yonyou KSOA contains a SQL injection vulnerability, which stems from incorrect handling of the folderid parameter in the file/kmf/userpopedom.jsp. This vulnerability may lead to SQL...
PT-2026-3415
Name of the Vulnerable Software and Affected Versions Yonyou KSOA version 9.0 Description A flaw exists in Yonyou KSOA 9.0 related to the HTTP GET Parameter Handler component and the /kmf/edit folder.jsp file. Manipulation of the folderid argument can lead to SQL injection. This issue is remotely...
PT-2026-3419
Name of the Vulnerable Software and Affected Versions Yonyou KSOA version 9.0 Description A flaw exists in Yonyou KSOA 9.0 related to the HTTP GET Parameter Handler. Specifically, manipulating the folderid argument in the /kmf/folder.jsp file can result in SQL injection. This issue is exploitable...
CVE-2005-1327
Cross-site scripting XSS vulnerability in pms.php for Woltlab Burning Board 2.3.1 PL2 and earlier allows remote attackers to inject arbitrary web script or HTML via the folderid parameter...
EUVD-2020-21124
Malware in sbrugna...
CVE-2020-28727
Cross-site scripting XSS exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php...
CVE-2020-28727
Cross-site scripting XSS exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php...
CVE-2020-28727
Cross-site scripting XSS exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php...
CVE-2020-28727
Cross-site scripting XSS exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php...