Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An SQL injection vulnerability in Yoosee application v6.32.4 allows authenticated users to inject arbitrary SQL queries via a request to a backend API endpoint. Successful exploitation enables extraction of sensitive database information, including but not limited to, the database server banner and version, current database user and schema, the current DBMS user privileges, and arbitrary data from any table.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Yoosee 安全漏洞
Vulnerability Description
Yoosee是中国Yoosee公司的一款智能家居移动应用程序。 Yoosee 6.32.4版本存在安全漏洞,该漏洞源于后端API端点存在SQL注入漏洞,可能导致提取敏感数据库信息。
CVSS Information
N/A
Vulnerability Type
N/A