CVE-2025-44034

High CVSS: 8.0

SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the alph parameters in src/main/Java/cn/gson/oasys/controller/address/AddrController

Vendor

Aaluoxiang

Product

Oa System

CWE

CWE-89

Yayın Tarihi

2025-09-16 14:15:54

Güncelleme

2025-11-19 17:06:31

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-89 Oa System HIGH Aaluoxiang 2025

Referanslar

https://github.com/qkdjksfkeg/Security-Collections/blob/main/sqlinjection2.md

Benzer Kayıtlar

Medium

CVE-2025-29592

oasys v1.1 is vulnerable to Directory Traversal in ProcedureController.

Critical

CVE-2025-44033

SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the allDirec…

Medium

CVE-2025-6829

A vulnerability was found in aaluoxiang oa_system up to c3a08168c144f27256a90838492c713f55f1b207 and classified as criti…

Medium

CVE-2025-5545

A vulnerability classified as problematic has been found in aaluoxiang oa_system up to 5b445a6227b51cee287bd0c7c33ed94b8…

Medium

CVE-2025-5544

A vulnerability was found in aaluoxiang oa_system up to 5b445a6227b51cee287bd0c7c33ed94b801a82a5. It has been rated as p…

Medium

CVE-2025-1958

A vulnerability, which was classified as critical, has been found in aaluoxiang oa_system 1.0. This issue affects some u…