No analysis available yet.
No remediation available yet.
Tracking
Sign in to view the affected projects.
No advisories yet.
Sun, 05 Jul 2026 11:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was identified in Hanwang e-Face General Management Platform 6.3.5.4. This impacts an unknown function of the file /sysAuthStr/querySysAuthStr.do. The manipulation of the argument order leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. | |
| Title | Hanwang e-Face General Management Platform querySysAuthStr.do sql injection | |
| First Time appeared |
Hanwang
Hanwang e-face General Management Platform |
|
| Weaknesses | CWE-74 CWE-89 |
|
| CPEs | cpe:2.3:a:hanwang:e-face_general_management_platform:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Hanwang
Hanwang e-face General Management Platform |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-05T10:00:36.457Z
Reserved: 2026-07-04T09:02:56.109Z
Link: CVE-2026-14737
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-05T12:30:05Z