Vulnerabilities (CVE)

Filtered by vendor Yimihome Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-38808 1 Yimihome 1 Ywoa 2024-11-21 N/A 8.8 HIGH
ywoa v6.1 is vulnerable to SQL Injection via backend/oa/visual/exportExcel.do interface.
CVE-2022-36606 1 Yimihome 1 Ywoa 2024-11-21 N/A 9.8 CRITICAL
Ywoa before v6.1 was discovered to contain a SQL injection vulnerability via /oa/setup/checkPool?database.
CVE-2022-36605 1 Yimihome 1 Ywoa 2024-11-21 N/A 9.8 CRITICAL
Yimioa v6.1 was discovered to contain a SQL injection vulnerability via the orderbyGET parameter.