Filtered by vendor Xinfu
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-18019 | 1 Xinfu | 1 Oa System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
SQL Injection in Xinhu OA System v1.8.3 allows remote attackers to obtain sensitive information by injecting arbitrary commands into the "typeid" variable of the "createfolderAjax" function in the "mode_worcAction.php" component. |