Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

OA — Vulnerabilities & Security Advisories 50

All 50 CVE vulnerabilities found in OA, with AI-generated Chinese analysis, references, and POCs.

Vendor: Jiusi

CVE IDTitleCVSSSeverityPublished
CVE-2023-4742 IBOS OA export&uid=X sql injection CWE-89 6.3 Medium2023-09-03
CVE-2023-4741 IBOS OA Delete Logs del sql injection CWE-89 6.3 Medium2023-09-03
CVE-2023-4740 IBOS OA Delete Draft delDraft&archiveId=0 sql injection CWE-89 6.3 Medium2023-09-03
CVE-2023-4713 IBOS OA addcomment addComment sql injection CWE-89 5.5 Medium2023-09-01
CVE-2023-4545 IBOS OA export&checkids=x sql injection CWE-89 6.3 Medium2023-08-26
CVE-2023-4543 IBOS OA export&contactids=x sql injection CWE-89 6.3 Medium2023-08-25
CVE-2023-4166 Tongda OA delete_log.php sql injection CWE-89 5.5 Medium2023-08-05
CVE-2023-4165 Tongda OA delete_seal.php sql injection CWE-89 5.5 Medium2023-08-05
CVE-2023-3826 IBOS OA Interview edit&op=status sql injection CWE-89 6.3 Medium2023-07-22
CVE-2023-3801 IBOS OA Mobile Notification edit actionEdit sql injection CWE-89 5.5 Medium2023-07-20
CVE-2023-3799 IBOS OA Delete Category del sql injection CWE-89 6.3 Medium2023-07-20
CVE-2023-3791 IBOS OA Personal Office Address Book export actionExport sql injection CWE-89 6.3 Medium2023-07-20
CVE-2023-3621 IBOS OA Delete Packet delete createDeleteCommand sql injection CWE-89 6.3 Medium2023-07-11
CVE-2023-3478 IBOS OA Add User edit&op=member actionEdit sql injection CWE-89 4.7 Medium2023-06-30
CVE-2023-3449 IBOS OA Interview Management Export export&interviews=x actionExport sql injection CWE-89 5.5 Medium2023-06-28
CVE-2023-2799 cnoa OA hard-coded password CWE-259 6.3 Medium2023-05-18
CVE-2023-2766 Weaver OA jx2_config.ini file access CWE-552 5.3 Medium2023-05-17
CVE-2023-2765 Weaver OA downfile.php absolute path traversal CWE-36 4.3 Medium2023-05-17
CVE-2023-2738 Tongda OA GatewayController.php actionGetdata unrestricted upload CWE-434 6.3 Medium2023-05-16
CVE-2022-3467 Jiusi OA hntdCustomDesktopActionContent sql injection CWE-707 5.5 Medium2022-10-12

All 50 known CVE vulnerabilities affecting OA with full Chinese analysis, references, and POCs where available.