| Название | Jinher OA V1.2 SQL Injection |
|---|
| Описание | A critical SQL injection vulnerability was discovered in Jinhe OA's /C6/Jhsoft.Web.departments/GetTreeDate.aspx component. The "id" parameter is vulnerable to SQL injection, allowing unauthenticated attackers to execute arbitrary SQL queries on the backend database. |
|---|
| Источник | ⚠️ https://github.com/Cstarplus/CVE/issues/1 |
|---|
| Пользователь | abc_123456 (UID 89341) |
|---|
| Представление | 30.08.2025 15:11 (9 месяцы назад) |
|---|
| Модерация | 08.09.2025 06:57 (9 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 323045 [Jinher OA до 1.2 GetTreeDate.aspx ИД SQL-инъекция] |
|---|
| Баллы | 18 |
|---|