| Название | BeiJing Seeyon Internet Software Corp. Seeyon FE Collaborative Office Platform V5.5.2 SQL Injection |
|---|
| Описание | SQL Injection Vulnerability in Seeyon FE Collaborative Office Platform /sysform/042/check.js%70 Endpoint
A SQL injection vulnerability exists in the FE Collaborative Office Platform developed by Beijing Seeyon Internet Software Corp. An attacker can exploit this vulnerability by crafting malicious requests to access sensitive information from the database. The affected system is the Seeyon FE platform (note: this is not a product of FeiQi Internet).
The vulnerability lies in the name parameter of the endpoint, which lacks proper input filtering. Attackers can inject malicious SQL payloads (e.g., 11';WAITFOR+DELAY+'0:0:2'--+-) to perform blind time-based SQL injection and extract sensitive database information. |
|---|
| Источник | ⚠️ https://github.com/Angel12345623/CVE/blob/main/CVE_1.md |
|---|
| Пользователь | Angel (UID 83159) |
|---|
| Представление | 25.03.2025 06:52 (1 Год назад) |
|---|
| Модерация | 07.04.2025 12:13 (13 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 303647 [Seeyon Zhiyuan Interconnect FE Collaborative Office Platform /sysform/042/check.js%70 SQL-инъекция] |
|---|
| Баллы | 20 |
|---|