CNNVD-202509-1101 Information

CNNVD ID

CNNVD-202509-1101

Related CVE

CVE-2025-10090

• CNNVD Published: 2025-09-08

Description (Chinese)

Jinher OA是中国金和（Jinher）公司的一款协同管理软件。 Jinher OA 1.2及之前版本存在SQL注入漏洞，该漏洞源于/C6/Jhsoft.Web.departments/GetTreeDate.aspx文件参数处理不当，可能导致SQL注入攻击。

Description (English)

Jinher OA is a co-management software from Jinher China. Jinher OA 1.2 and previous versions had an injection loophole in SQL, which originated in/C6/Jhsoft.Web.departments/GetTreeDate.aspx, and could lead to SQL injection attacks.

Hazard Level

Medium

Vulnerability Type

SQL注入

Published

2025-09-08

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.323045 https://github.com/Cstarplus/CVE/issues/1 https://vuldb.com/?id.323045 https://vuldb.com/?submit.644635 https://access.redhat.com/security/cve/cve-2025-10090