CVE-2025-15425

A vulnerability was determined in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /worksheet/deluser.jsp of the component HTTP GET Parameter Handler. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit ha...

CVE-2025-15425 Yonyou KSOA HTTP GET Parameter del_user.jsp sql injection

A vulnerability was determined in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /worksheet/deluser.jsp of the component HTTP GET Parameter Handler. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit ha...

PT-2026-1044

Name of the Vulnerable Software and Affected Versions Yonyou KSOA version 9.0 Description A flaw exists in Yonyou KSOA 9.0 related to the handling of HTTP GET parameters. Specifically, manipulation of the ID parameter in the '/worksheet/del user.jsp' file can lead to SQL injection. This issue is...

CVE-2023-3841

A vulnerability has been found in NxFilter 4.3.2.5 and classified as problematic. This vulnerability affects unknown code of the file user.jsp. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The identifier of this vulnerability is VDB-235192. NOTE: The...