|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-12-24 | |
| Rule Name: | Hzsage ERP Multiple Apis SQL Injection Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Hzsage ERP system is an enterprise management software developed by Hangzhou Saint Joe Technology Co., LTD., aiming to provide enterprises with a set of comprehensive and integrated management solutions to help enterprises realize the optimal allocation and efficient use of resources. There are SQL injection vulnerabilities in several interfaces of the system, which can be exploited by an unauthenticated remote attacker to obtain information in the database. | |
| Impact: | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |