Lucene search
+L

2957 matches found

Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.9 views

PT-2026-20493

A vulnerability was detected in huanzi-qch base-admin up to 57a8126bb3353a004f3c7722089e3b926ea83596. Impacted is the function Upload of the file SysFileController.java of the component JSP Parser. Performing a manipulation of the argument File results in unrestricted upload. The attack can be...

6.5CVSS5.3AI score0.00272EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/01/20 11:26 p.m.11 views

CVE-2026-1179

A vulnerability was detected in Yonyou KSOA 9.0. This affects an unknown part of the file /kmf/userpopedom.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument folderid results in sql injection. The attack can be launched remotely. The exploit is now public and may be...

9.8CVSS7.1AI score0.00359EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/20 10:23 p.m.9 views

CVE-2026-1177

A weakness has been identified in Yonyou KSOA 9.0. Affected by this vulnerability is an unknown functionality of the file /kmf/savefolder.jsp of the component HTTP GET Parameter Handler. Executing a manipulation of the argument folderid can lead to sql injection. It is possible to launch the atta...

9.8CVSS5.5AI score0.00359EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/20 10:23 p.m.7 views

CVE-2026-1178

A security vulnerability has been detected in Yonyou KSOA 9.0. Affected by this issue is some unknown functionality of the file /kmf/select.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument folderid leads to sql injection. The attack can be initiated remotely. The...

9.8CVSS7AI score0.00352EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/20 2:25 a.m.8 views

CVE-2026-1132

A vulnerability was found in Yonyou KSOA 9.0. The affected element is an unknown function of the file /kmf/editfolder.jsp of the component HTTP GET Parameter Handler. Performing a manipulation of the argument folderid results in sql injection. The attack can be initiated remotely. The exploit has...

9.8CVSS5.4AI score0.0051EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/20 2:25 a.m.9 views

CVE-2026-1133

A vulnerability was determined in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /kmf/folder.jsp of the component HTTP GET Parameter Handler. Executing a manipulation of the argument folderid can lead to sql injection. The attack can be launched remotely. The exploit has...

9.8CVSS5.5AI score0.00493EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/20 1:22 a.m.10 views

CVE-2026-1130

A flaw has been found in Yonyou KSOA 9.0. This issue affects some unknown processing of the file /worksheet/worksaddplan.jsp of the component HTTP GET Parameter Handler. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been...

9.8CVSS5.4AI score0.00493EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/20 12:29 a.m.15 views

CVE-2026-1129

A vulnerability was detected in Yonyou KSOA 9.0. This vulnerability affects unknown code of the file /worksheet/worksadd.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now publi...

9.8CVSS5.4AI score0.00493EPSS
Exploits0References1
NVD
NVD
added 2026/01/19 11:16 p.m.16 views

CVE-2026-1179

A vulnerability was detected in Yonyou KSOA 9.0. This affects an unknown part of the file /kmf/userpopedom.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument folderid results in sql injection. The attack can be launched remotely. The exploit is now public and may be...

9.8CVSS0.00359EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/19 10:32 p.m.29 views

CVE-2026-1179 Yonyou KSOA HTTP GET Parameter user_popedom.jsp sql injection

A vulnerability was detected in Yonyou KSOA 9.0. This affects an unknown part of the file /kmf/userpopedom.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument folderid results in sql injection. The attack can be launched remotely. The exploit is now public and may be...

7.5CVSS0.00359EPSS
Exploits0References4
NVD
NVD
added 2026/01/19 10:16 p.m.8 views

CVE-2026-1178

A security vulnerability has been detected in Yonyou KSOA 9.0. Affected by this issue is some unknown functionality of the file /kmf/select.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument folderid leads to sql injection. The attack can be initiated remotely. The...

9.8CVSS0.00352EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/19 10:2 p.m.25 views

CVE-2026-1178 Yonyou KSOA HTTP GET Parameter select.jsp sql injection

A security vulnerability has been detected in Yonyou KSOA 9.0. Affected by this issue is some unknown functionality of the file /kmf/select.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument folderid leads to sql injection. The attack can be initiated remotely. The...

7.5CVSS0.00352EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/19 2:26 p.m.9 views

CVE-2026-1122

A vulnerability was determined in Yonyou KSOA 9.0. This impacts an unknown function of the file /worksheet/workinfo.jsp of the component HTTP GET Parameter Handler. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been publicly...

9.8CVSS5.4AI score0.00414EPSS
Exploits0References1
OSV
OSV
added 2026/01/19 2:15 a.m.3 views

CVE-2026-1131

A vulnerability has been found in Yonyou KSOA 9.0. Impacted is an unknown function of the file /kmc/savecatalog.jsp of the component HTTP GET Parameter Handler. Such manipulation of the argument catalogid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS5.6AI score0.0051EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/19 2:2 a.m.28 views

CVE-2026-1133 Yonyou KSOA HTTP GET Parameter folder.jsp sql injection

A vulnerability was determined in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /kmf/folder.jsp of the component HTTP GET Parameter Handler. Executing a manipulation of the argument folderid can lead to sql injection. The attack can be launched remotely. The exploit has...

7.5CVSS0.00493EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/19 2:2 a.m.5 views

CVE-2026-1133 Yonyou KSOA HTTP GET Parameter folder.jsp sql injection

A vulnerability was determined in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /kmf/folder.jsp of the component HTTP GET Parameter Handler. Executing a manipulation of the argument folderid can lead to sql injection. The attack can be launched remotely. The exploit has...

7.5CVSS7.1AI score0.00493EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/19 1:32 a.m.28 views

CVE-2026-1132 Yonyou KSOA HTTP GET Parameter edit_folder.jsp sql injection

A vulnerability was found in Yonyou KSOA 9.0. The affected element is an unknown function of the file /kmf/editfolder.jsp of the component HTTP GET Parameter Handler. Performing a manipulation of the argument folderid results in sql injection. The attack can be initiated remotely. The exploit has...

7.5CVSS0.0051EPSS
Exploits0References4
CVE
CVE
added 2026/01/19 1:32 a.m.27 views

CVE-2026-1132

CVE-2026-1132 affects Yonyou KSOA 9.0. The vulnerability lies in the HTTP GET Parameter Handler, specifically the /kmf/edit_folder.jsp file, where manipulating the folderid argument enables SQL injection. The exploit appears to be public and exploitable remotely; there is no vendor response or co...

9.8CVSS6.5AI score0.0051EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/01/19 1:16 a.m.3 views

CVE-2026-1130

A flaw has been found in Yonyou KSOA 9.0. This issue affects some unknown processing of the file /worksheet/worksaddplan.jsp of the component HTTP GET Parameter Handler. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been...

9.8CVSS5.6AI score0.00493EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/19 12:32 a.m.4 views

CVE-2026-1130

A flaw has been found in Yonyou KSOA 9.0. This issue affects some unknown processing of the file /worksheet/worksaddplan.jsp of the component HTTP GET Parameter Handler. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been...

9.8CVSS5.3AI score0.00493EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder