SQL Injection Vulnerability in Webservice of Wando ezOFFICE Collaboration Office System
Wando ezOFFICE collaborative management platform is a comprehensive information base application platform. A SQL injection vulnerability exists in the Wando ezOFFICE Collaborative Office System webservice. The lack of filtering of the 'SOAP unitLevel' parameter allows attackers to exploit the...