CVE-2024-24256 Information

Description

SQL Injection vulnerability in Yonyou space-time enterprise information integration platform v.9.0 and before allows an attacker to obtain sensitive information via the gwbhAIM parameter in the saveMove.jsp in the hr_position directory.

Reference

https://github.com/l8l1/killl.github.io/blob/main/3.md