📦 Jinher Oa

This is an XML External Entity (XXE) vulnerability in Jinher OA 2.0 that allows remote attackers to read arbitrary files from the server or potentially perform server-side request forgery. It affects ...

This CVE describes an XML External Entity (XXE) vulnerability in Jinher OA software up to version 1.2. Attackers can exploit this to read sensitive files, conduct server-side request forgery, or poten...

This vulnerability in Jinher OA allows attackers to perform XML External Entity (XXE) attacks through the XML Handler component. Remote exploitation can lead to sensitive data disclosure, server-side ...

This CVE describes a SQL injection vulnerability in Jinher OA software up to version 1.2, specifically in the GetTreeDate.aspx file. Attackers can manipulate the ID parameter to execute arbitrary SQL ...

CVE-2025-9669 is a SQL injection vulnerability in Jinher OA 1.0's GetTreeDate.aspx file that allows attackers to manipulate database queries via the ID parameter. This affects all organizations using ...

This vulnerability in Jinher OA 1.2 allows remote attackers to perform XML External Entity (XXE) attacks via the ProjectScheduleDelete.aspx file. This could enable attackers to read sensitive files, c...

This vulnerability in Jinher OA 1.0 allows attackers to perform XML External Entity (XXE) attacks through the /c6/Jhsoft.Web.message/ToolBar/DelTemp.aspx endpoint. This can lead to unauthorized data a...