Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/20 12:29 a.m.13 views

CVE-2026-1129

A vulnerability was detected in Yonyou KSOA 9.0. This vulnerability affects unknown code of the file /worksheet/worksadd.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now publi...

9.8CVSS5.4AI score0.00493EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/19 12:2 a.m.25 views

CVE-2026-1129 Yonyou KSOA HTTP GET Parameter worksadd.jsp sql injection

A vulnerability was detected in Yonyou KSOA 9.0. This vulnerability affects unknown code of the file /worksheet/worksadd.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now publi...

7.5CVSS0.00493EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/19 12:0 a.m.13 views

PT-2026-3407

Name of the Vulnerable Software and Affected Versions Yonyou KSOA version 9.0 Description A flaw exists in Yonyou KSOA 9.0 related to the handling of HTTP GET parameters. Specifically, the file /worksheet/worksadd.jsp is susceptible to SQL injection through manipulation of the ID parameter. This...

9.8CVSS7.3AI score0.00493EPSS
Exploits0References10
OSV
OSV
added 2026/01/02 1:15 a.m.3 views

CVE-2025-15421

A vulnerability was detected in Yonyou KSOA 9.0. This vulnerability affects unknown code of the file /worksheet/agentworksadd.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit is now publ...

9.8CVSS5.7AI score0.00384EPSS
Exploits1References5
NVD
NVD
added 2026/01/02 1:15 a.m.4 views

CVE-2025-15421

A vulnerability was detected in Yonyou KSOA 9.0. This vulnerability affects unknown code of the file /worksheet/agentworksadd.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit is now publ...

9.8CVSS0.00384EPSS
Exploits1References5
Rows per page
Query Builder