Vulnerabilities > Rockoa > Rockoa > 1.5.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-13 | CVE-2023-49363 | SQL Injection vulnerability in Rockoa Rockoa <2.3.3 is vulnerable to SQL Injection. | 9.8 |
| 2019-06-28 | CVE-2019-9846 | SQL Injection vulnerability in Rockoa RockOA 1.8.7 allows remote attackers to obtain sensitive information because the webmain/webmainAction.php publictreestore method constructs a SQL WHERE clause unsafely by using the pidfields and idfields parameters, aka background SQL injection. | 8.8 |