Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A SQL injection vulnerability exists in the login functionality of WellSky Harmony version 4.1.0.2.83 within the 'xmHarmony.asp' endpoint. User-supplied input to the 'TXTUSERID' parameter is not properly sanitized before being incorporated into a SQL query. Successful authentication may lead to authentication bypass, data leakage, or full system compromise of backend database contents.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WellSky Harmony 安全漏洞
Vulnerability Description
WellSky Harmony是美国WellSky公司的一个一体化服务管理平台。 WellSky Harmony 4.1.0.2.83版本存在安全漏洞,该漏洞源于xmHarmony.asp端点中TXTUSERID参数清理不当,可能导致SQL注入攻击。
CVSS Information
N/A
Vulnerability Type
N/A