जमा करें #849470: Jinher OA V1.0 SQL Injectionजानकारी

शीर्षकJinher OA V1.0 SQL Injection
विवरणA critical SQL injection vulnerability has been discovered in the PlanGiveOut.aspx component of Jinher OA. The affected parameter is httpOID, which is used to retrieve or manipulate plan-related data. Due to improper sanitization of user-supplied input before incorporating it into SQL queries, an attacker can inject arbitrary SQL commands into the backend database. This flaw is especially dangerous because it does not require any form of authentication — even unauthenticated remote attackers can exploit it by sending specially crafted HTTP requests to the vulnerable endpoint.
स्रोत⚠️ https://github.com/weini587/CVE/issues/1
उपयोगकर्ता
 weini123 (UID 98786)
सबमिशन05/06/2026 04:10 PM (1 महीना पहले)
संयम12/07/2026 01:08 PM (1 month later)
स्थितिस्वीकृत
VulDB प्रविष्टि377846 [Jinher OA 1.0 PlanGiveOut.aspx httpOID SQL इंजेक्शन]
अंक20

Want to know what is going to be exploited?

We predict KEV entries!