提交 #637413: Jinhe OA V1.0 SQL Injection
| 标题 | Jinhe OA V1.0 SQL Injection |
|---|---|
| 描述 | - A critical SQL injection vulnerability was discovered in Jinhe OA's GetTreeDate.aspx component. The "id" parameter is vulnerable to SQL injection, allowing unauthenticated attackers to execute arbitrary SQL queries on the backend database. |
| 来源 | ⚠️ https:/ |
| 用户 | Zre0x1c (UID 89206) |
| 提交 | 2025-08-19 16時26分 (11 月前) |
| 管理 | 2025-08-29 10時16分 (10 days later) |
| 状态 | 已接受 |
| VulDB条目 | 321876 [Jinher OA 1.0 GetTreeDate.aspx 标识符 SQL注入] |
| 积分 | 17 |