📦 Ksoa
by Yonyou
🔍 What is Ksoa?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This vulnerability allows remote attackers to execute SQL injection attacks against Yonyou KSOA 9.0 systems by manipulating the 'folderid' parameter in the /kmf/user_popedom.jsp endpoint. Successful e...
This SQL injection vulnerability in Yonyou KSOA 9.0 allows remote attackers to execute arbitrary SQL commands via the folderid parameter in the /kmf/save_folder.jsp endpoint. Organizations using Yonyo...
This is a SQL injection vulnerability in Yonyou KSOA 9.0 that allows remote attackers to execute arbitrary SQL commands via the 'folderid' parameter in the /kmf/select.jsp endpoint. The vulnerability ...
This CVE describes a SQL injection vulnerability in Yonyou KSOA 9.0 that allows remote attackers to execute arbitrary SQL commands via the 'folderid' parameter in the /kmf/folder.jsp endpoint. Organiz...
This CVE describes a SQL injection vulnerability in Yonyou KSOA 9.0 that allows remote attackers to execute arbitrary SQL commands via the folderid parameter in the /kmf/edit_folder.jsp endpoint. Orga...
This CVE describes a SQL injection vulnerability in Yonyou KSOA 9.0's /worksheet/work_mod.jsp file via the ID parameter in HTTP GET requests. Attackers can remotely exploit this to execute arbitrary S...
This CVE describes a SQL injection vulnerability in Yonyou KSOA 9.0 that allows remote attackers to execute arbitrary SQL commands via the ID parameter in the /worksheet/del_work.jsp endpoint. Organiz...
This CVE describes a SQL injection vulnerability in Yonyou KSOA 9.0 that allows remote attackers to execute arbitrary SQL commands via the ID parameter in the /worksheet/del_workplan.jsp endpoint. Org...
This CVE describes a SQL injection vulnerability in Yonyou KSOA 9.0 that allows remote attackers to execute arbitrary SQL commands via the ID parameter in the /worksheet/work_info.jsp endpoint. Organi...
This vulnerability allows remote attackers to execute SQL injection attacks against Yonyou KSOA 9.0 through the /kp/PrintZPYG.jsp file by manipulating the zpjhid parameter. Organizations using Yonyou ...
This CVE describes a SQL injection vulnerability in Yonyou KSOA 9.0 through the /worksheet/agent_worksdel.jsp endpoint. Attackers can manipulate the ID parameter to execute arbitrary SQL commands, pot...
This CVE describes a SQL injection vulnerability in Yonyou KSOA 9.0's /worksheet/agent_work_report.jsp endpoint via the ID parameter. Attackers can remotely execute arbitrary SQL commands to potential...
This vulnerability allows remote attackers to execute arbitrary SQL commands via the ID parameter in the /worksheet/agent_worksadd.jsp endpoint of Yonyou KSOA 9.0. This can lead to unauthorized data a...