CNNVD-202508-3500 Information

CNNVD ID

CNNVD-202508-3500

Related CVE

CVE-2025-9669

• CNNVD Published: 2025-08-29

Description (Chinese)

Jinher OA是中国金和（Jinher）公司的一款协同管理软件。 Jinher OA 1.0版本存在安全漏洞，该漏洞源于文件GetTreeDate.aspx中参数ID操作不当，可能导致SQL注入攻击。

Description (English)

Jinher OA is a co-management software from Jinher China. There is a security loophole in version 1.0 of Jinher OA, which stems from the inappropriate operation of parameter ID in document GetTreeDate.aspx, which could lead to an SQL injection attack.

Hazard Level

Medium

Vulnerability Type

其他

Published

2025-08-29

Last Modified

2026-02-24

References

https://vuldb.com/?submit.637413 https://vuldb.com/?id.321876 https://vuldb.com/?ctiid.321876 https://github.com/1276486/CVE/issues/1 https://access.redhat.com/security/cve/cve-2025-9669 https://nvd.nist.gov/vuln/detail/CVE-2025-9669