CVE-2024-11060: Jinher Network Collaborative Management Platform 金和数字化智能办公平台 AcceptShow.aspx sql injection
First published: Mon Nov 11 2024(Updated: )
A vulnerability classified as critical has been found in Jinher Network Collaborative Management Platform ??????????? 1.0. Affected is an unknown function of the file /C6/JHSoft.Web.AcceptAip/AcceptShow.aspx/. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Jinher Network OA |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-11060?
CVE-2024-11060 is classified as a critical vulnerability.
How does CVE-2024-11060 affect users?
CVE-2024-11060 allows for SQL injection through an unknown function in the Jinher Network Collaborative Management Platform.
What software is affected by CVE-2024-11060?
CVE-2024-11060 affects the Jinher Network Collaborative Management Platform version 1.0.
How do I fix CVE-2024-11060?
Fixing CVE-2024-11060 involves applying security patches provided by the vendor or mitigating SQL injection attacks.
What should I do if I am using Jinher Network Collaborative Management Platform?
If using Jinher Network Collaborative Management Platform, immediately check for updates and patches addressing CVE-2024-11060.
- agent/weakness
- agent/references
- agent/title
- agent/first-publish-date
- agent/type
- agent/severity
- agent/author
- agent/event
- agent/description
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/jinher
- canonical/jinher network oa