7 matches found
risesoft-y9 Digital-Infrastructure has a SQL injection vulnerability
A flaw has been found in risesoft-y9 Digital-Infrastructure up to 9.6.7. This affects an unknown function of the file source-code/src/main/java/net/risesoft/util/Y9PlatformUtil.java of the component REST Authenticate Endpoint. Executing a manipulation can lead to sql injection. The attack can be...
Injection
Overview Affected versions of this package are vulnerable to Injection via the REST Authenticate Endpoint in the Y9PlatformUtil.java file. An attacker can access, modify, or disrupt sensitive data by sending specially crafted requests to the affected endpoint. Remediation There is no fixed versio...
CVE-2026-1050
A flaw has been found in risesoft-y9 Digital-Infrastructure up to 9.6.7. This affects an unknown function of the file source-code/src/main/java/net/risesoft/util/Y9PlatformUtil.java of the component REST Authenticate Endpoint. Executing a manipulation can lead to sql injection. The attack can be...
CVE-2026-1050
A flaw has been found in risesoft-y9 Digital-Infrastructure up to 9.6.7. This affects an unknown function of the file source-code/src/main/java/net/risesoft/util/Y9PlatformUtil.java of the component REST Authenticate Endpoint. Executing a manipulation can lead to sql injection. The attack can be...
CVE-2026-1050
CVE-2026-1050 concerns risesoft-y9 Digital-Infrastructure up to 9.6.7. The vulnerability is in the REST Authenticate Endpoint, specifically in Y9PlatformUtil.java, where an attacker can trigger SQL injection via remotely crafted requests. Multiple sources (NVD, Red Hat, circl, OSV, GHSA, Snyk) co...
PT-2026-3745
A flaw has been found in risesoft-y9 Digital-Infrastructure up to 9.6.7. This affects an unknown function of the file source-code/src/main/java/net/risesoft/util/Y9PlatformUtil.java of the component REST Authenticate Endpoint. Executing a manipulation can lead to sql injection. The attack can be...
Digital-infrastructure SQL injection vulnerabilities
Digital-Infrastructure is an open-source management platform developed by Risesoft. Versions of Digital-Infrastructure 9.6.7 and earlier contain a SQL injection vulnerability. This vulnerability stems from incorrect operations on the component REST Authenticate Endpoint located in the file...