Qkdjksfkeg

#11716of 53,635
23.4Total CVSS
Vulnerabilities · 3
Medium
1
High
1
Critical
1
PT-2025-37983
8.0
2025-09-16
Oasys · Oasys · CVE-2025-44034
**Name of the Vulnerable Software and Affected Versions** oa system oasys version 1.1 **Description** A SQL injection vulnerability exists in oa system oasys version 1.1. This allows a remote attacker to execute arbitrary code via the `alph` parameters in `src/main/Java/cn/gson/oasys/controller/address/AddrController`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2025-37057
5.6
2025-09-10
Oasys · Oasys · CVE-2025-29592
Name of the Vulnerable Software and Affected Versions: oasys version 1.1 Description: oasys version 1.1 is susceptible to a Directory Traversal issue within the `ProcedureController`. This allows potential unauthorized access to files and directories. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2025-35292
9.8
2025-08-29
Oasys · Oasys · CVE-2025-44033
**Name of the Vulnerable Software and Affected Versions** oa system oasys version 1.1 **Description** A SQL injection vulnerability exists in the `allDirector()` method declaration within `src/main/java/cn/gson/oasys/mappers/AddressMapper.java`. This allows a remote attacker to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.