AI Score
Confidence
Low
EPSS
Percentile
9.0%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
total
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the file_id parameter at /CorporateCulture/kaizen_download.aspx.
[
{
"cpes": [
"cpe:2.3:a:guangzhou_luhua_information_technology:ruvaroa:*:*:*:*:*:*:*:*"
],
"vendor": "guangzhou_luhua_information_technology",
"product": "ruvaroa",
"versions": [
{
"status": "affected",
"version": "6.01"
},
{
"status": "affected",
"version": "12.01"
}
],
"defaultStatus": "unknown"
}
]