46 matches found
CVE-2026-1133
A vulnerability was determined in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /kmf/folder.jsp of the component HTTP GET Parameter Handler. Executing a manipulation of the argument folderid can lead to sql injection. The attack can be launched remotely. The exploit has...
CVE-2026-1133
CVE-2026-1133 affects Yonyou KSOA 9.0. The vulnerable element is the HTTP GET Parameter Handler in the file /kmf/folder.jsp; manipulating the directory parameter folderid enables an SQL injection. The attack surface is remote, and the vulnerability has been publicly disclosed. Multiple connected ...
CVE-2026-1133 Yonyou KSOA HTTP GET Parameter folder.jsp sql injection
A vulnerability was determined in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /kmf/folder.jsp of the component HTTP GET Parameter Handler. Executing a manipulation of the argument folderid can lead to sql injection. The attack can be launched remotely. The exploit has...
CVE-2026-1132
A vulnerability was found in Yonyou KSOA 9.0. The affected element is an unknown function of the file /kmf/editfolder.jsp of the component HTTP GET Parameter Handler. Performing a manipulation of the argument folderid results in sql injection. The attack can be initiated remotely. The exploit has...
CVE-2026-1132 Yonyou KSOA HTTP GET Parameter edit_folder.jsp sql injection
A vulnerability was found in Yonyou KSOA 9.0. The affected element is an unknown function of the file /kmf/editfolder.jsp of the component HTTP GET Parameter Handler. Performing a manipulation of the argument folderid results in sql injection. The attack can be initiated remotely. The exploit has...
CVE-2026-1132
CVE-2026-1132 affects Yonyou KSOA 9.0. The vulnerability lies in the HTTP GET Parameter Handler, specifically the /kmf/edit_folder.jsp file, where manipulating the folderid argument enables SQL injection. The exploit appears to be public and exploitable remotely; there is no vendor response or co...
PT-2026-3419
Name of the Vulnerable Software and Affected Versions Yonyou KSOA version 9.0 Description A flaw exists in Yonyou KSOA 9.0 related to the HTTP GET Parameter Handler. Specifically, manipulating the folderid argument in the /kmf/folder.jsp file can result in SQL injection. This issue is exploitable...
PT-2026-3511
Name of the Vulnerable Software and Affected Versions Yonyou KSOA version 9.0 Description A security issue exists in Yonyou KSOA 9.0 related to the HTTP GET Parameter Handler component. The vulnerability is located in the /kmf/select.jsp file. Manipulation of the folderid parameter can lead to a...
PT-2026-3512
A vulnerability was detected in Yonyou KSOA 9.0. This affects an unknown part of the file /kmf/user popedom.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument folderid results in sql injection. The attack can be launched remotely. The exploit is now public and may b...
PT-2026-3415
Name of the Vulnerable Software and Affected Versions Yonyou KSOA version 9.0 Description A flaw exists in Yonyou KSOA 9.0 related to the HTTP GET Parameter Handler component and the /kmf/edit folder.jsp file. Manipulation of the folderid argument can lead to SQL injection. This issue is remotely...
Yonyou KSOA SQL injection vulnerability
Yonyou KSOA is an enterprise-level management software developed by Yonyou Corporation in China. Version 9.0 of Yonyou KSOA contains a SQL injection vulnerability, which stems from incorrect handling of the folderid parameter in the file/kmf/editfolder.jsp. This vulnerability may lead to SQL...
Yonyou KSOA SQL injection vulnerability
Yonyou KSOA is an enterprise-level management software developed by Yonyou Corporation in China. Version 9.0 of Yonyou KSOA contains a SQL injection vulnerability, which stems from incorrect handling of the folderid parameter in the file/kmf/folder.jsp, potentially leading to SQL injection attack...
Yonyou KSOA SQL injection vulnerability
Yonyou KSOA is an enterprise-level management software developed by Yonyou Corporation in China. Version 9.0 of Yonyou KSOA contains a SQL injection vulnerability, which stems from incorrect handling of the folderid parameter in the file/kmf/select.jsp, potentially leading to SQL injection attack...
Yonyou KSOA SQL injection vulnerability
Yonyou KSOA is an enterprise-level management software developed by Yonyou Corporation in China. Version 9.0 of Yonyou KSOA contains a SQL injection vulnerability, which stems from incorrect handling of the folderid parameter in the file/kmf/userpopedom.jsp. This vulnerability may lead to SQL...
CVE-2005-1327
Cross-site scripting XSS vulnerability in pms.php for Woltlab Burning Board 2.3.1 PL2 and earlier allows remote attackers to inject arbitrary web script or HTML via the folderid parameter...
EUVD-2020-21124
Malware in sbrugna...
CVE-2020-28727
Cross-site scripting XSS exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php...
CVE-2020-28727
Cross-site scripting XSS exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php...
CVE-2020-28727
Cross-site scripting XSS exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php...
CVE-2020-28727
Cross-site scripting XSS exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php...