| Titel | Jinher OA V1.2 SQL Injection |
|---|
| Beschreibung | A critical SQL injection vulnerability was discovered in Jinhe OA's /C6/Jhsoft.Web.departments/GetTreeDate.aspx component. The "id" parameter is vulnerable to SQL injection, allowing unauthenticated attackers to execute arbitrary SQL queries on the backend database. |
|---|
| Quelle | ⚠️ https://github.com/Cstarplus/CVE/issues/1 |
|---|
| Benutzer | abc_123456 (UID 89341) |
|---|
| Einreichung | 30.08.2025 15:11 (vor 10 Monaten) |
|---|
| Moderieren | 08.09.2025 06:57 (9 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 323045 [Jinher OA bis 1.2 GetTreeDate.aspx ID SQL Injection] |
|---|
| Punkte | 18 |
|---|