4 matches found
SQL Injection Vulnerability in Jinhe C6 Collaborative Management Platform
Jinhe C6 collaborative management platform is a Web-based enterprise-level collaborative management platform software system with independent intellectual property rights of Jinhe Software. SQL injection vulnerability exists in Jinhe C6 Collaborative Management Platform, which can be exploited by...
Arbitrary File Download Vulnerability in Jinhe C6 Collaboration Management Platform
C6 is a Web-based enterprise-level collaborative management platform software system with independent intellectual property rights of Jinhe Software. There is an arbitrary file download vulnerability in the Jinhe C6 collaborative management platform, which can be exploited by attackers to obtain...
Beijing Jinhe C6 Collaborative Management Platform Arbitrary File Download Vulnerability
Jinhe OA is developed with asp.net and sqlserver technology and is used by many users. OA system/JHSoft.Web.CustomQuery/FileDownLoad.aspx page due to the FilePath parameter did not do ... /filter, can download any file in any directory, resulting in arbitrary file download vulnerability...
Multiple SQL Injection Vulnerabilities in Beijing Jinhe C6 Collaborative Management Platform
Jinhe OA is developed with asp.net and sqlserver technology and is used by many users. There are multiple SQL injection vulnerabilities in the OA system. However, these injections need to log in to the system to be able to use the OA system for sql filtering, but the filtering is not strict enoug...