Zlnzln

**Name of the Vulnerable Software and Affected Versions** Jinher OA version 1.0 **Description** A remote SQL injection flaw exists in the file '/C6/JHSoft.Web.PlanSummarize/UserSel.aspx'. The issue is triggered by the manipulation of the `DeptIDList` argument within an unknown function of that file. SQL injection is a technique where an attacker inserts malicious SQL code into a query, potentially allowing them to manipulate the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.