
16 matches found

RedhatCVE
added 2026/01/19 4:17 p.m. · 5 views

CVE-2026-1124

A security flaw has been discovered in Yonyou KSOA 9.0. Affected by this vulnerability is an unknown functionality of the file /worksheet/workreport.jsp of the component HTTP GET Parameter Handler. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the...

CVSS 9.8 · AI score 5.4 · EPSS 0.00015
Exploits: 0 · References: 1
NVD
added 2026/01/18 4:15 p.m. · 4 views

CVE-2026-1124

A security flaw has been discovered in Yonyou KSOA 9.0. Affected by this vulnerability is an unknown functionality of the file /worksheet/workreport.jsp of the component HTTP GET Parameter Handler. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the...

CVSS 9.8 · EPSS 0.00015
Exploits: 0 · References: 4
Cvelist
added 2026/01/18 3:32 p.m. · 19 views

CVE-2026-1124 Yonyou KSOA HTTP GET Parameter work_report.jsp sql injection

A security flaw has been discovered in Yonyou KSOA 9.0. Affected by this vulnerability is an unknown functionality of the file /worksheet/workreport.jsp of the component HTTP GET Parameter Handler. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the...

CVSS 7.5 · EPSS 0.00015
Exploits: 0 · References: 4
RedhatCVE
added 2026/01/03 12:33 a.m. · 3 views

CVE-2025-15420

A security vulnerability has been detected in Yonyou KSOA 9.0. This affects an unknown part of the file /worksheet/agentworkreport.jsp. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The...

CVSS 9.8 · AI score 6.9 · EPSS 0.0002
Exploits: 1 · References: 1
Vulnrichment
added 2026/01/02 12:32 a.m. · 2 views

CVE-2025-15420 Yonyou KSOA agent_work_report.jsp sql injection

A security vulnerability has been detected in Yonyou KSOA 9.0. This affects an unknown part of the file /worksheet/agentworkreport.jsp. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The...

CVSS 7.5 · AI score 6.6 · EPSS 0.0002
Exploits: 1 · References: 5
CVE
added 2026/01/02 12:32 a.m. · 12 views

CVE-2025-15420

CVE-2025-15420 affects Yonyou KSOA 9.0. The vulnerability is in the file "/worksheet/agent_work_report.jsp" where manipulating the parameter ID leads to SQL injection. This can be exploited remotely, with the exploit publicly disclosed. Multiple sources (NVD, Red Hat, CVE lists) corroborate the i...

CVSS 9.8 · AI score 7.2 · EPSS 0.0002
Exploits: 1 · References: 5 · Affected Software: 1
Cvelist
added 2026/01/02 12:32 a.m. · 25 views

CVE-2025-15420 Yonyou KSOA agent_work_report.jsp sql injection

A security vulnerability has been detected in Yonyou KSOA 9.0. This affects an unknown part of the file /worksheet/agentworkreport.jsp. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The...

CVSS 7.5 · EPSS 0.0002
Exploits: 1 · References: 5
Positive Technologies
added 2026/01/02 12:00 a.m. · 4 views

PT-2026-1036

Name of the Vulnerable Software and Affected Versions: Yonyou KSOA version 9.0 Description: A security issue exists in Yonyou KSOA 9.0 related to SQL injection. The issue is located in the file /worksheet/agent work report.jsp. Manipulation of the ID argument can lead to a successful exploit. The...

CVSS 9.8 · AI score 6.5 · EPSS 0.0002
Exploits: 1 · References: 13
EUVD
added 2025/10/03 8:07 p.m. · 3 views

EUVD-2025-28299

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 7.5 · EPSS 0.0014
Exploits: 1 · References: 5
EUVD
added 2025/10/03 8:07 p.m. · 4 views

EUVD-2025-16281

Malicious code in bioql PyPI...

CVSS 9.8 · AI score 7.5 · EPSS 0.00204
Exploits: 1 · References: 5
Cvelist
added 2025/05/26 9:00 p.m. · 14 views

CVE-2025-5205 1000 Projects Daily College Class Work Report Book dcwr_entry.php sql injection

A vulnerability classified as critical has been found in 1000 Projects Daily College Class Work Report Book 1.0. Affected is an unknown function of the file /dcwrentry.php. The manipulation of the argument Date leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVSS 7.5 · EPSS 0.00204
Exploits: 1 · References: 5
CNNVD
added 2025/05/26 12:00 a.m. · 2 views

1000 Projects Daily College Class Work Report Book injection vulnerability

1000 Projects Daily College Class Work Report Book is an open source college class work report book by 1000 Projects. An injection vulnerability exists in version 1.0 of 1000 Projects Daily College Class Work Report Book, which originates from a SQL injection due to misuse of the parameter Date i...

CVSS 9.8 · AI score 7.8 · EPSS 0.00204
Exploits: 1 · References: 5
CVE
added 2025/05/19 4:31 p.m. · 25 views

CVE-2025-4940

CVE-2025-4940 affects 1000 Projects Daily College Class Work Report Book 1.0. A SQL injection vulnerability exists in the handling of the batch argument in /admin_info.php, which can be triggered remotely. Multiple connected documents confirm the issue, retrieving that the vulnerability stems fro...

CVSS 7.5 · AI score 7.5 · EPSS 0.0014
Exploits: 1 · References: 5 · Affected Software: 1
OSV
added 2025/01/16 4:15 p.m. · 2 views

CVE-2024-57159

07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/add.html...

CVSS 3.5 · AI score 5.8 · EPSS 0.0007
Exploits: 1 · References: 1
Positive Technologies
added 2025/01/16 12:00 a.m. · 1 views

PT-2025-3403 · 07Flycms · 07Flycms

Name of the Vulnerable Software and Affected Versions: 07FLYCMS version 1.3.9 Description: A Cross-Site Request Forgery (CSRF) issue was discovered in 07FLYCMS. The issue is related to the "/erp.07fly.net:80/oa/OaWorkReport/add.html" API endpoint. Recommendations: For 07FLYCMS version 1.3.9, as a...

CVSS 3.5 · AI score 6.8 · EPSS 0.0007
Exploits: 1 · References: 4
Positive Technologies
added 2025/01/16 12:00 a.m. · 1 views

PT-2025-3405 · 07Flycms · 07Flycms

Name of the Vulnerable Software and Affected Versions: 07FLYCMS version 1.3.9 Description: A Cross-Site Request Forgery (CSRF) issue was discovered in 07FLYCMS. The issue is related to the "/erp.07fly.net:80/oa/OaWorkReport/edit.html" API endpoint. Recommendations: For 07FLYCMS version 1.3.9,...

CVSS 4.3 · AI score 6.8 · EPSS 0.00103
Exploits: 1 · References: 6