Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SQLi in GG Soft's PaperWork
Vulnerability Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 564 - SQL Injection: Hibernate vulnerability in GG Soft Software Services Inc. PaperWork allows Blind SQL Injection, SQL Injection.This issue affects PaperWork: from 6.1.0.9390 before 6.1.0.9398.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
GG Soft PaperWork SQL注入漏洞
Vulnerability Description
GG Soft PaperWork是土耳其GG Soft公司的一看文档管理及流程控制软件。 GG Soft PaperWork 6.1.0.9390版本至6.1.0.9398之前版本存在SQL注入漏洞,该漏洞源于Hibernate框架未正确处理SQL命令中的特殊元素,可能导致SQL注入攻击。
CVSS Information
N/A
Vulnerability Type
N/A