| عنوان | BeiJing Seeyon Internet Software Corp. Seeyon FE Collaborative Office Platform V5.5.2 SQL Injection |
|---|
| الوصف | SQL Injection Vulnerability in Seeyon FE Collaborative Office Platform /sysform/042/check.js%70 Endpoint
A SQL injection vulnerability exists in the FE Collaborative Office Platform developed by Beijing Seeyon Internet Software Corp. An attacker can exploit this vulnerability by crafting malicious requests to access sensitive information from the database. The affected system is the Seeyon FE platform (note: this is not a product of FeiQi Internet).
The vulnerability lies in the name parameter of the endpoint, which lacks proper input filtering. Attackers can inject malicious SQL payloads (e.g., 11';WAITFOR+DELAY+'0:0:2'--+-) to perform blind time-based SQL injection and extract sensitive database information. |
|---|
| المصدر | ⚠️ https://github.com/Angel12345623/CVE/blob/main/CVE_1.md |
|---|
| المستخدم | Angel (UID 83159) |
|---|
| ارسال | 25/03/2025 06:52 AM (1 سنة منذ) |
|---|
| الاعتدال | 07/04/2025 12:13 PM (13 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 303647 [Seeyon Zhiyuan Interconnect FE Collaborative Office Platform /sysform/042/check.js%70 حقن SQL] |
|---|
| النقاط | 20 |
|---|