Skip to main content

Jinher OA CVE-2026-15517

| EUVDEUVD-2026-43259 MEDIUM
SQL Injection (CWE-89)
2026-07-13 VulDB GHSA-g9x4-g2rg-r435
5.5
CVSS 4.0 · Vendor: VulDB
Share

Severity by source

Vendor (VulDB) PRIMARY
5.5 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
9.4 CRITICAL

Network-reachable, unauthenticated SQL injection with no user interaction; C:H and I:H reflect typical full database read/write capability of unmitigated SQLi; A:L as application disruption is secondary.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (VulDB).

CVSS VectorVendor: VulDB

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
CVSS changed
Jul 13, 2026 - 01:22 NVD
6.9 (MEDIUM) 5.5 (MEDIUM)
Analysis Generated
Jul 13, 2026 - 01:12 vuln.today

DescriptionCVE.org

A flaw has been found in Jinher OA 1.0. The affected element is an unknown function of the file /C6/JHSoft.Web.PlanSummarize/PlanGiveOut.aspx. This manipulation of the argument httpOID causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

SQL injection in Jinher OA 1.0 exposes the PlanGiveOut.aspx endpoint to remote unauthenticated exploitation via the unsanitized httpOID parameter, enabling database enumeration, data exfiltration, and record manipulation. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) confirms no prerequisites beyond network access. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Discover internet-facing Jinher OA instance
Delivery
Identify PlanGiveOut.aspx endpoint
Exploit
Inject SQL payload via httpOID parameter
Execution
Extract database schema and table contents
Impact
Exfiltrate OA user credentials and organizational data

Vulnerability AssessmentAI

Exploitation No authentication is required - the CVSS 4.0 vector PR:N and UI:N confirm unauthenticated, no-interaction exploitation. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 score of 6.9 (Medium) with VC:L/VI:L/VA:L reflects a conservative partial-impact rating, but this likely understates realistic risk: SQL injection in an OA backend typically permits full database table read and write, not merely limited access, unless row-level security or stored procedure isolation is in place - neither of which is indicated by available data. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with network access to a Jinher OA 1.0 instance sends a crafted HTTP GET or POST request to `/C6/JHSoft.Web.PlanSummarize/PlanGiveOut.aspx` with a SQL payload injected into the `httpOID` parameter (e.g., `httpOID=1' UNION SELECT table_name,NULL FROM information_schema.tables--`). Using the publicly available POC on GitHub as a reference, the attacker enumerates database tables and extracts employee records, credentials, or plan data stored in the OA backend. …
Remediation No vendor-released patch has been identified at time of analysis - the vendor did not respond to coordinated disclosure. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-15517 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy