| عنوان | Jinhe OA V1.0 SQL Injection |
|---|
| الوصف | A severe SQL injection vulnerability was discovered in the UserSel.aspx component during testing of Jinhe OA. The "DeptIDList" parameter is vulnerable to SQL injection attacks, enabling unauthorized attackers to execute arbitrary SQL queries on the backend database, which could potentially lead to remote code execution under certain conditions.
|
|---|
| المصدر | ⚠️ https://github.com/zzlln/cvecve/issues/1 |
|---|
| المستخدم | ZLNZLN (UID 97174) |
|---|
| ارسال | 08/04/2026 08:59 AM (2 أشهر منذ) |
|---|
| الاعتدال | 02/05/2026 10:07 AM (24 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 360818 [Jinher OA 1.0 UserSel.aspx DeptIDList حقن SQL] |
|---|
| النقاط | 19 |
|---|