Aaluoxiang: >> Oa System >> 1.1 Security Vulnerabilities
SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the alph parameters in src/main/Java/cn/gson/oasys/controller/address/AddrController
CVSS Score
8.0
EPSS Score
0.002
Published
2025-09-16
oasys v1.1 is vulnerable to Directory Traversal in ProcedureController.
CVSS Score
5.6
EPSS Score
0.002
Published
2025-09-10
SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the allDirector() method declaration in src/main/java/cn/gson/oasys/mappers/AddressMapper.java
CVSS Score
9.8
EPSS Score
0.003
Published
2025-08-29