|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-07-16 | |
| Rule Name: | EnjoyRMIS GetOAById SQL Injection Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | EnjoyRMIS is an integrated information system used to assist businesses in managing and optimizing their resources, including production, supply chain, finance, and human resources. The GetOAById interface has an SQL injection vulnerability, which allows attackers to inject SQL statements to perform illegal operations such as reading, modifying, and forging database information. | |
| Impact: | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |