CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Xinfu: >> Oa System Security Vulnerabilities

CVE-2020-18019

SQL Injection in Xinhu OA System v1.8.3 allows remote attackers to obtain sensitive information by injecting arbitrary commands into the "typeid" variable of the "createfolderAjax" function in the "mode_worcAction.php" component.

CVSS Score

7.5

EPSS Score

0.002

Published

2021-04-28

Page 1

Vulnerabilities

Vulnerable Software

Xinfu: >> Oa System Security Vulnerabilities

Products

Pricing

Contact Us