CVE-2026-1414

CVE-2026-1414 affects Sangfor Operation and Maintenance Security Management System (up to version 3.0.12). The vulnerability resides in the HTTP POST Request Handler for /equipment/get_Information, where tampering with the fortEquipmentIp argument can trigger a command injection. The issue can be...

CVE-2025-15503

A security flaw has been discovered in Sangfor Operation and Maintenance Management System up to 3.0.8. The impacted element is an unknown function of the file /fort/trust/version/common/common.jsp. Performing a manipulation of the argument File results in unrestricted upload. The attack is...

CVE-2025-15503 Sangfor Operation and Maintenance Management System common.jsp unrestricted upload

A security flaw has been discovered in Sangfor Operation and Maintenance Management System up to 3.0.8. The impacted element is an unknown function of the file /fort/trust/version/common/common.jsp. Performing a manipulation of the argument File results in unrestricted upload. The attack is...

SQL Injection Vulnerability in the Operation Management System of Elderly Care Facilities

Yi Nursing Institution Operation Management System is a set of information management system for nursing institutions developed by Elephant Communication. SQL injection vulnerability exists in Yi Nursing Care Institution Operation Management System. SQL injection vulnerability exists in the login...