CVE-2026-7292

A security vulnerability has been detected in o2oa up to 10.0. This impacts the function syncFile of the file NodeAgent.java of the component NodeAgent. The manipulation leads to improper authorization. The attack can be initiated remotely. The complexity of an attack is rather high. The...

CVE-2026-2074

A vulnerability was identified in O2OA up to 9.0.0. This impacts an unknown function of the file /xprogramcenter/jaxrs/mpweixin/check of the component HTTP POST Request Handler. The manipulation leads to xml external entity reference. It is possible to initiate the attack remotely. The exploit is...

O2OA 信息泄露漏洞

LanDe Network O2oa is an Oa office system from LanDe Network China. An information disclosure vulnerability exists in O2OA 20240403 and prior versions, which stems from an unknown function in the file /xportal that can lead to information disclosure...

LanDe Network O2oa 安全漏洞

LanDe Network O2oa is an Oa office system from LanDe Network China. A security vulnerability exists in LanDe Network O2oa v6.4.7, which stems from a lack of command parameter filtering in /xprogramcenter/jaxrs/invoke, which could lead to remote command execution...

Arbitrary File Read Vulnerability in O2OA System

O2OA system is a Java open source enterprise information construction platform . O2OA system has an arbitrary file read vulnerability that can be exploited by attackers to obtain sensitive information...

Logic flaws exist in the O2OA system of Zhejiang Rand Vertical and Horizontal Network Technology Co.

The business scope of Zhejiang LANDZONE Network Technology Co., Ltd. includes: the development of computer software, network technology and its products, technical services, computer system integration, intelligent building system technical services and so on. There is a logic flaw vulnerability ...