Submit #637413: Jinhe OA V1.0 SQL Injectioninfo

TitleJinhe OA V1.0 SQL Injection
Description- A critical SQL injection vulnerability was discovered in Jinhe OA's GetTreeDate.aspx component. The "id" parameter is vulnerable to SQL injection, allowing unauthenticated attackers to execute arbitrary SQL queries on the backend database.
Source⚠️ https://github.com/1276486/CVE/issues/1
User
 Zre0x1c (UID 89206)
Submission08/19/2025 16:26 (11 months ago)
Moderation08/29/2025 10:16 (10 days later)
StatusAccepted
VulDB entry321876 [Jinher OA 1.0 GetTreeDate.aspx ID sql injection]
Points17

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!