Jinher OA 代码问题漏洞

Jinher OA is a collaborative management software from Jinher, China. A code issue vulnerability exists in Jinher OA 1.2 and earlier versions, which originates from an XML external entity reference vulnerability in the /c6/Jhsoft.Web.projectmanage/ProjectManage/XmlHttp.aspx file...

CVE-2024-25526

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the projectid parameter at /ProjectManage/pmgattinc.aspx...

CVE-2024-25526

CVE-2024-25526 affects RuvarOA v6.01 and v12.01. A SQL injection vulnerability exists in the project_id parameter of /ProjectManage/pm_gatt_inc.aspx, caused by insufficient input validation. Impact is described as high (CVE metrics: CVSS 3.1: HIGH, 8.1/CRITICAL under I/H/A). Some sources indicate...

CVE-2024-25526

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the projectid parameter at /ProjectManage/pmgattinc.aspx...

PT-2024-20987 · Ruvaroa · Ruvaroa

Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: A SQL injection issue was discovered via the project id parameter at the "/ProjectManage/pm gatt inc.aspx" API endpoint. This allows for potential exploitation. No information is provided about...

CVE-2024-25526

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the projectid parameter at /ProjectManage/pmgattinc.aspx...