|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-07-23 | |
| Rule Name: | Yonyou U8 Cloud MeasQueryConditionFrameAction SQL Injection Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Yonyou U8 Cloud is an ERP software based on cloud computing technology, providing flexible and scalable cloud enterprise resource planning solutions for enterprises, supporting digital transformation and business innovation. Its MeasQueryConditionFrameAction interface has SQL injection vulnerabilities, which attackers can exploit to read and tamper with sensitive database information. | |
| Impact: | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |