9 matches found
EUVD-2020-9948
Malware in sbrugna...
CVE-2020-18019
SQL Injection in Xinhu OA System v1.8.3 allows remote attackers to obtain sensitive information by injecting arbitrary commands into the "typeid" variable of the "createfolderAjax" function in the "modeworcAction.php" component...
Command Execution Vulnerability in Xinhuo OA Office System (CNVD-2021-52069)
Xinhu OA office system is a free and open source office OA system. Xinhao OA Office System has a command execution vulnerability that can be exploited by an attacker to gain control of the server...
Command Execution Vulnerability in Xinhuo OA Office System
Xinhu OA office system is an open source online office system. A command execution vulnerability exists in Xinhuo OA Office System, which can be exploited by a remote attacker to submit a special request that can execute arbitrary commands and gain shell privileges on the host...
CVE-2020-18019
SQL Injection in Xinhu OA System v1.8.3 allows remote attackers to obtain sensitive information by injecting arbitrary commands into the "typeid" variable of the "createfolderAjax" function in the "modeworcAction.php" component...
Sql injection
SQL Injection in Xinhu OA System v1.8.3 allows remote attackers to obtain sensitive information by injecting arbitrary commands into the "typeid" variable of the "createfolderAjax" function in the "modeworcAction.php" component...
CVE-2020-18019
SQL Injection in Xinhu OA System v1.8.3 allows remote attackers to obtain sensitive information by injecting arbitrary commands into the "typeid" variable of the "createfolderAjax" function in the "modeworcAction.php" component...
CVE-2020-18019
CVE-2020-18019: Xinhu OA System v1.8.3 contains an SQL injection in the typeid parameter of the createfolderAjax function (mode_worcAction.php). The root cause is unvalidated input allowing arbitrary commands to be injected, leading to unauthorized access to sensitive information. Reported impact...
信呼 Rockoa Xinhu SQL注入漏洞
Rockoa Xinhu is a Php-based office OA system from China Xinhu Rockoa. A SQL injection vulnerability exists in Xinhu OA System v1.8.3, which allows remote attackers to obtain sensitive information by injecting arbitrary commands into the "createfolderAjax" function of the "mode worcAction.php"...