Vulnerabilities > Rockoa

DATE CVE VULNERABILITY TITLE RISK
2024-10-23 CVE-2024-48213 Path Traversal vulnerability in Rockoa Xinhu 2.6.5
RockOA v2.6.5 is vulnerable to Directory Traversal in webmain/system/beifen/beifenAction.php.
network
low complexity
rockoa CWE-22
4.3
2024-07-31 CVE-2024-7327 SQL Injection vulnerability in Rockoa Xinhu 2.6.2
A vulnerability classified as critical was found in Xinhu RockOA 2.6.2.
network
low complexity
rockoa CWE-89
8.8
2024-06-17 CVE-2024-37624 Cross-site Scripting vulnerability in Rockoa Xinhu 2.6.3
Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the /chajian/inputChajian.php.
network
low complexity
rockoa CWE-79
6.1
2023-12-13 CVE-2023-49363 SQL Injection vulnerability in Rockoa
Rockoa <2.3.3 is vulnerable to SQL Injection.
network
low complexity
rockoa CWE-89
critical
9.8
2023-12-06 CVE-2023-48930 Unrestricted Upload of File with Dangerous Type vulnerability in Rockoa Xinhu 2.2.1
xinhu xinhuoa 2.2.1 contains a File upload vulnerability.
network
low complexity
rockoa CWE-434
critical
9.8
2023-09-29 CVE-2023-5296 Unspecified vulnerability in Rockoa 1.1/15.X3Amdi/2.3.2
A vulnerability was found in Xinhu RockOA 1.1/2.3.2/15.X3amdi and classified as problematic.
network
low complexity
rockoa
7.5
2023-09-29 CVE-2023-5297 Files or Directories Accessible to External Parties vulnerability in Rockoa 2.3.2
A vulnerability was found in Xinhu RockOA 2.3.2.
network
low complexity
rockoa CWE-552
7.5
2023-03-31 CVE-2023-1773 Code Injection vulnerability in Rockoa 2.3.2
A vulnerability was found in Rockoa 2.3.2.
network
low complexity
rockoa CWE-94
critical
9.8
2023-03-19 CVE-2023-1501 Unspecified vulnerability in Rockoa 2.3.2
A vulnerability, which was classified as critical, was found in RockOA 2.3.2.
network
low complexity
rockoa
8.8
2022-12-19 CVE-2022-45041 SQL Injection vulnerability in Rockoa Xinhu
SQL Injection exits in xinhu < 2.5.0
network
low complexity
rockoa CWE-89
7.5