| Description: | | Esafenet Electronic Document Security Management System is an electronic document security protection software, the system uses the driver layer transparent encryption technology, through the encryption protection of electronic documents, to prevent internal employees from leaking and external personnel illegally stealing enterprise core important data assets. The fileFormatId parameter of FileFormatAjax interface of Esafenet Electronic Document Security Management System is not pre-compiled and sufficient verification of incoming data, resulting in SQL injection vulnerability in the interface. Malicious attackers may obtain server information or directly obtain server permissions through this vulnerability. |