SQL Injection Vulnerability in Yonyou's Space-Time Enterprise Information Integration Platform
CVE-2024-24256

Currently unrated

Key Information:

Vendor

Yonyou

Vendor
CVE Published:
15 February 2024

What is CVE-2024-24256?

SQL Injection vulnerability in Yonyou space-time enterprise information integration platform v.9.0 and before allows an attacker to obtain sensitive information via the gwbhAIM parameter in the saveMove.jsp in the hr_position directory.

References

https://github.com/l8l1/killl.github.io/blob/main/3.md

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.