|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-08-28 | |
| Rule Name: | Weaver Ecology9 ModeDateService SQL Injection Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Weaver E-cology is an enterprise-level collaborative office platform, which supports information sharing, communication, collaboration and knowledge management by integrating various office applications and workflow, to improve work efficiency and organizational management ability. The ModeDateService interface of Weaver E-cology has a SQL injection vulnerability, through which attackers can inject malicious SQL statements, which may cause remote code execution. | |
| Impact: | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |