|
|
|||
| Rule General Information |
|---|
| Release Date: | 2025-01-14 | |
| Rule Name: | Landry EKP fsscCommonPortlet.do Unauthorized SQL Injection Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Landry EKP is a full online digital OA, used in large and medium-sized enterprises online office. There is an unauthorized SQL injection vulnerability in Lanling EKP system fsscCommonPortlet.do. Unauthenticated malicious attackers can use the SQL injection vulnerability to obtain information in the database. | |
| Impact: | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |