제출 #849470: Jinher OA V1.0 SQL Injection정보

제목Jinher OA V1.0 SQL Injection
설명A critical SQL injection vulnerability has been discovered in the PlanGiveOut.aspx component of Jinher OA. The affected parameter is httpOID, which is used to retrieve or manipulate plan-related data. Due to improper sanitization of user-supplied input before incorporating it into SQL queries, an attacker can inject arbitrary SQL commands into the backend database. This flaw is especially dangerous because it does not require any form of authentication — even unauthenticated remote attackers can exploit it by sending specially crafted HTTP requests to the vulnerable endpoint.
원천⚠️ https://github.com/weini587/CVE/issues/1
사용자
 weini123 (UID 98786)
제출2026. 06. 05. PM 04:10 (1 월 ago)
모더레이션2026. 07. 12. PM 01:08 (1 month later)
상태수락
VulDB 항목377846 [Jinher OA 1.0 PlanGiveOut.aspx httpOID SQL 주입]
포인트들20

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!