3 matches found
CVE-2025-1226
A vulnerability was found in ywoa up to 2024.07.03. It has been declared as critical. This vulnerability affects unknown code of the file /oa/setup/setup.jsp. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and m...
CVE-2025-1227
A vulnerability was found in ywoa up to 2024.07.03. It has been rated as critical. This issue affects the function selectList of the file com/cloudweb/oa/mapper/xml/AddressDao.xml. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the...
PT-2025-6863 · Ywoa · Ywoa
Name of the Vulnerable Software and Affected Versions: ywoa versions up to 2024.07.03 Description: A critical issue affects the function selectList of the file com/cloudweb/oa/mapper/xml/AddressDao.xml, leading to SQL injection. The attack may be initiated remotely. Recommendations: Upgrading to...