Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SQL Injection vulnerability in function setwxqyAction in file webmain/task/api/loginAction.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers gain sensitive information, including administrator accounts, password hashes, database structure, and other critical data via the shouji and userid parameters.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Xinhu RockOA 安全漏洞
Vulnerability Description
Xinhu RockOA是中国信呼(Xinhu)公司的一个办公OA系统。 Xinhu RockOA 2.7.0版本存在安全漏洞,该漏洞源于文件webmain/task/api/loginAction.php中函数setwxqyAction对参数shouji和userid的错误操作,可能导致SQL注入攻击。
CVSS Information
N/A
Vulnerability Type
N/A