A vulnerability labeled as critical has been found in Shenzhen Landray Landry Office Automation 2024-03-11. Affected by this vulnerability is the function findList of the file wechatLoginHelper.do. Such manipulation of the argument uid leads to sql injection hibernate.

This vulnerability is referenced as CVE-2024-58352. It is possible to launch the attack remotely. No exploit is available.