Filtered by vendor Xinfu Subscriptions
Filtered by product Oa System Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-18019 1 Xinfu 1 Oa System 2024-11-21 7.5 High
SQL Injection in Xinhu OA System v1.8.3 allows remote attackers to obtain sensitive information by injecting arbitrary commands into the "typeid" variable of the "createfolderAjax" function in the "mode_worcAction.php" component.