CNNVD-202601-751 Information
Jan 02, 2026
cve
CNNVD ID
CNNVD-202601-751
Related CVE
- CNNVD Published: 2026-01-02
Description (Chinese)
Yonyou KSOA是中国用友(Yonyou)公司的一个企业级管理软件。 Yonyou KSOA 9.0版本存在SQL注入漏洞,该漏洞源于对文件/worksheet/work_update.jsp中参数Report的错误操作,可能导致SQL注入攻击。
Description (English)
Yonyou KSOA is an enterprise-level management software for Yonyou. Yonyou KSOA 9.0 has an injection loophole in SQL, which stems from an error in the reporting of the parameters in the document/worksheet/work update.jsp, which could lead to an attack on SQL injection.
Hazard Level
Medium
Vulnerability Type
SQL注入
Affected Vendor
用友
Published
2026-01-02
Last Modified
2026-02-24
References
https://github.com/xiaozipang/CVE/issues/1 https://vuldb.com/?ctiid.339362 https://vuldb.com/?id.339362 https://vuldb.com/?submit.721918 https://access.redhat.com/security/cve/cve-2025-15435
Share on: