CVE-2024-7327 - Xinhu RockOA SQL Injection
CVE ID : CVE-2024-7327 Published : July 31, 2024, 10:15 p.m. | 44 minutes ago Description : A vulnerability classified as critical was found in Xinhu RockOA 2.6.2. This vulnerability affects the function dataAction of the file /webmain/task/openapi/openmodhetongAction.php. The manipulation of the argument nickName leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273250 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-7327
Published : July 31, 2024, 10:15 p.m. | 44 minutes ago
Description : A vulnerability classified as critical was found in Xinhu RockOA 2.6.2. This vulnerability affects the function dataAction of the file /webmain/task/openapi/openmodhetongAction.php. The manipulation of the argument nickName leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273250 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : July 31, 2024, 10:15 p.m. | 44 minutes ago
Description : A vulnerability classified as critical was found in Xinhu RockOA 2.6.2. This vulnerability affects the function dataAction of the file /webmain/task/openapi/openmodhetongAction.php. The manipulation of the argument nickName leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273250 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
