|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-06-04 | |
| Rule Name: | Yonyou Chanjet T+ InitServerInfo.aspx SQL Injection Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Yonyou Chanjet T+is a comprehensive enterprise management software that covers multiple fields such as finance, supply chain, production and manufacturing, helping enterprises achieve information management and business process optimization. An SQL injection vulnerability exists in the InitServerInfo.aspx interface of T+, which can be exploited to execute malicious commands. | |
| Impact: | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |