PT-2025-6863 · Ywoa · Ywoa

Name of the Vulnerable Software and Affected Versions: ywoa versions up to 2024.07.03 Description: A critical issue affects the function selectList of the file com/cloudweb/oa/mapper/xml/AddressDao.xml, leading to SQL injection. The attack may be initiated remotely. Recommendations: Upgrading to...

ywoa SQL注入漏洞

ywoa is an OA collaborative office system by bestfeng individual developer in China. A security vulnerability exists in ywoa version 2024.07.03 and earlier versions, which originates from a SQL injection vulnerability in the selectList function of com/cloudweb/oa/mapper/xml/AddressDao.xml...