Vulnerabilities > Yimihome

DATE CVE VULNERABILITY TITLE RISK
2022-09-16 CVE-2022-38808 SQL Injection vulnerability in Yimihome Ywoa 6.1
ywoa v6.1 is vulnerable to SQL Injection via backend/oa/visual/exportExcel.do interface.
network
low complexity
yimihome CWE-89
8.8
2022-08-19 CVE-2022-36605 SQL Injection vulnerability in Yimihome Ywoa 6.1
Yimioa v6.1 was discovered to contain a SQL injection vulnerability via the orderbyGET parameter.
network
low complexity
yimihome CWE-89
critical
9.8
2022-08-19 CVE-2022-36606 SQL Injection vulnerability in Yimihome Ywoa
Ywoa before v6.1 was discovered to contain a SQL injection vulnerability via /oa/setup/checkPool?database.
network
low complexity
yimihome CWE-89
critical
9.8