提交 #644635: Jinher OA V1.2 SQL Injection
| 标题 | Jinher OA V1.2 SQL Injection |
|---|---|
| 描述 | A critical SQL injection vulnerability was discovered in Jinhe OA's /C6/Jhsoft.Web.departments/GetTreeDate.aspx component. The "id" parameter is vulnerable to SQL injection, allowing unauthenticated attackers to execute arbitrary SQL queries on the backend database. |
| 来源 | ⚠️ https:/ |
| 用户 | abc_123456 (UID 89341) |
| 提交 | 2025-08-30 15時11分 (9 月前) |
| 管理 | 2025-09-08 06時57分 (9 days later) |
| 状态 | 已接受 |
| VulDB条目 | 323045 [Jinher OA 直到 1.2 GetTreeDate.aspx 标识符 SQL注入] |
| 积分 | 18 |