CVE-2024-7327 in RockOA情報

要約

〜によって MITRE • 2024年08月01日

A vulnerability classified as critical was found in Xinhu RockOA 2.6.2. This vulnerability affects the function dataAction of the file /webmain/task/openapi/openmodhetongAction.php. The manipulation of the argument nickName leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273250 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

責任者

VulDB

モデレーション

承諾済み

エントリ

VDB-273250

エクスプロイト

ダウンロード

EPSS

0.00514

アクティビティ

非常低い

ソース

Interested in the pricing of exploits?

See the underground prices here!