|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-08-06 | |
| Rule Name: | Weaver Ecology HrmService SQL Injection Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Weaver Ecology is an enterprise level digital office platform that provides comprehensive collaborative work, process management, knowledge sharing, and other functions to promote internal information flow and digital transformation of business processes. Its HrmService interface has an SQL injection vulnerability, which allows attackers to execute malicious SQL statements. | |
| Impact: | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |