CNNVD-202507-2314 Information

CNNVD ID

CNNVD-202507-2314

Related CVE

CVE-2024-32323

• CNNVD Published: 2025-07-17

Description (Chinese)

Highsun OA是中国海昌信息（Highsun）公司的一款办公协同软件。 Highsun OA v.1.0.0版本存在安全漏洞，该漏洞源于hcit.project.rte.agents.UploadImages.class中的if参数存在SQL注入漏洞，可能导致获取敏感信息。

Description (English)

Highsun OA is an office synergy software for Highsun China. There is a security loophole in version Highsun OA v. 1.0.0, which stems from the SQL injection gap in the parameters of hcit.project.rte.agents.UploadImages.class, which may lead to access to sensitive information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

海昌信息

Published

2025-07-17

Last Modified

2026-02-24

References

https://gist.github.com/night-0p/92b5ad270ac426b0992e2c97dc7b1471 https://github.com/night-0p/anh/blob/main/Haichang%20OA/SQL1.md