CVE-2025-15436 | Yonyou KSOA 9.0 /worksheet/work_edit.jsp Report sql injection

Inserito da Angelo Barbosa | Gen 1, 2026 | CVE

A vulnerability, which was classified as critical, was found in Yonyou KSOA 9.0. Affected by this issue is some unknown functionality of the file /worksheet/work_edit.jsp. Such manipulation of the argument Report leads to sql injection.

This vulnerability is uniquely identified as CVE-2025-15436. The attack can be launched remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-15436 | Yonyou KSOA 9.0 /worksheet/work_edit.jsp Report sql injection

Post correlati

CVE-2024-10841 | romadebrian WEB-Sekolah 1.0 Mail /Proses_Kirim.php Name sql injection

CVE-2024-3376 | SourceCodester Computer Laboratory Management System 1.0 config.php url redirect

CVE-2024-27302 | zeromicro go-zero authorization

CVE-2025-8126 | deerwms deer-wms-2 up to 3.3 /system/user/export params[dataScope] sql injection (ICLQUE)