CNNVD-202601-3080 Information

CNNVD ID

CNNVD-202601-3080

Related CVE

CVE-2026-1133

• CNNVD Published: 2026-01-19

Description (Chinese)

Yonyou KSOA是中国用友（Yonyou）公司的一个企业级管理软件。 Yonyou KSOA 9.0版本存在SQL注入漏洞，该漏洞源于对文件/kmf/folder.jsp中参数folderid的错误操作，可能导致SQL注入攻击。

Description (English)

Yonyou KSOA is an enterprise-level management software for Yonyou. Yonyou KSOA 9.0 has an injection loophole in SQL, which stems from the erroneous operation of the parameter Folderid in document/kmf/fonder.jsp, which could lead to an attack on SQL.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

用友

Published

2026-01-19

Last Modified

2026-02-24

References

https://github.com/LX-66-LX/cve/issues/16 https://vuldb.com/?ctiid.341723 https://vuldb.com/?id.341723 https://vuldb.com/?submit.734576