Skip to main content

Ywoa

3 CVEs product

Monthly

CVE-2022-38808 HIGH POC This Week

ywoa v6.1 is vulnerable to SQL Injection via backend/oa/visual/exportExcel.do interface. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ywoa
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-36606 CRITICAL POC Act Now

Ywoa before v6.1 was discovered to contain a SQL injection vulnerability via /oa/setup/checkPool?database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ywoa
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-36605 CRITICAL POC Act Now

Yimioa v6.1 was discovered to contain a SQL injection vulnerability via the orderbyGET parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ywoa
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
EPSS 1% CVSS 8.8
HIGH POC This Week

ywoa v6.1 is vulnerable to SQL Injection via backend/oa/visual/exportExcel.do interface. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ywoa
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Ywoa before v6.1 was discovered to contain a SQL injection vulnerability via /oa/setup/checkPool?database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ywoa
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Yimioa v6.1 was discovered to contain a SQL injection vulnerability via the orderbyGET parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ywoa
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy