CVE-2026-1131 - Vulnerability Details

- Yonyou KSOA HTTP GET Parameter save_catalog.jsp sql injection

Description

A vulnerability has been found in Yonyou KSOA 9.0. Impacted is an unknown function of the file /kmc/save_catalog.jsp of the component HTTP GET Parameter Handler. Such manipulation of the argument catalogid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published: 2026-01-19

Score: 6.9 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

This vulnerability permits injection of arbitrary SQL through the catalogid parameter in the /kmc/save_catalog.jsp file. An attacker can execute any SQL statement on the backend database, potentially reading, modifying, or deleting data, which compromises confidentiality, integrity, and availability.

Affected Systems

Yonyou KSOA version 9.0 is affected. The issue resides in the component accessed via /kmc/save_catalog.jsp. The CPE indicates that the vulnerability is specific to KSOA 9.0 and earlier snapshots without a known fix.

Risk and Exploitability

CVSS score 6.9 reflects a moderate‑severity flaw, while an EPSS score of less than 1 % suggests a low likelihood of exploitation in the wild. The vulnerability is exposed through a remote HTTP GET request, so a threat actor can trigger it without local privileges. The absence of a vendor patch and the unreceptive vendor response increase operational risk; however, the current exploit probability remains low. The flaw is not listed in the CISA KEV catalog, indicating no confirmed exploit activity to date.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Yonyou

KSOA

affected

Version	Status	Constraints
`9.0`	affected	—

Configuration 1 [-]

cpe:2.3:a:yonyou:ksoa:9.0:*:*:*:*:*:*:*

No data.

Vendor	Product	Confidence	Versions
Yonyou	Ksoa	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the latest Yonyou KSOA update or patch when it becomes available, ensuring that the save_catalog.jsp handler is hardened against SQL injection.
Restrict direct access to /kmc/save_catalog.jsp, allowing only authenticated administrative users, and implement least‑privilege controls on the database used by the application.
Implement strict input validation and use parameterized queries for the catalogid parameter, or deploy a web‑application firewall that blocks SQL‑injection patterns.

Generated by OpenCVE AI on April 18, 2026 at 05:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00013.

Exploitation poc

Automatable yes

Technical Impact partial

References

Link	Providers
https://github.com/LX-66-LX/cve/issues/13
https://vuldb.com/?ctiid.341721
https://vuldb.com/?id.341721
https://vuldb.com/?submit.734566

History

Mon, 23 Feb 2026 08:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:yonyou:ksoa::::::::

Tue, 10 Feb 2026 17:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:yonyou:ksoa:9.0:::::::*

Tue, 20 Jan 2026 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 19 Jan 2026 09:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Yonyou Yonyou ksoa
Vendors & Products		Yonyou Yonyou ksoa

Mon, 19 Jan 2026 01:45:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability has been found in Yonyou KSOA 9.0. Impacted is an unknown function of the file /kmc/save_catalog.jsp of the component HTTP GET Parameter Handler. Such manipulation of the argument catalogid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Title		Yonyou KSOA HTTP GET Parameter save_catalog.jsp sql injection
Weaknesses		CWE-74 CWE-89
References		https://github.com/LX-66-LX/cve/issues/13 https://vuldb.com/?ctiid.341721 https://vuldb.com/?id.341721 https://vuldb.com/?submit.734566
Metrics		cvssV2_0 `{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}` cvssV3_0 `{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` cvssV3_1 `{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` cvssV4_0 `{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

Yonyou Ksoa

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-01-19T01:02:06.653Z

Updated: 2026-02-23T08:40:21.511Z

Reserved: 2026-01-18T07:13:46.491Z

Link: CVE-2026-1131

Vulnrichment

Updated: 2026-01-20T15:32:24.864Z

NVD

Status : Analyzed

Published: 2026-01-19T02:15:56.827

Modified: 2026-02-10T17:00:04.427

Link: CVE-2026-1131

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T05:30:25Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Exploitation poc

Automatable yes

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object